Ranjeet, There is a Microsoft worm on the wild, and for what you are saying it seems like some of your clients are infected with it, check Mcaffee or Sophos or ther vendors websites they have instructions on how to remove it, I hope you are using a good virus scanner.
make sure you have a firewall protecting your users and block all incomming to via port 135-139, 445 , anyway read on. Hope this helps.. ......wait I will send you a link https://tms.symantec.com/members/AnalystReports/030811-Alert-DCOMworm.pdf Cesar Osorio Ranjeet Shetye <ranjeet.shetye2@ To: [EMAIL PROTECTED] zultys.com> cc: Subject: Re: Increase in UDP Port Scans 12/08/2003 09:25 On Mon, 2003-08-11 at 08:19, Gordon Brandt wrote: > I have noticed the following port scans lately on my network > > 08/11/2003 05:14:22.112 - Possible Port Scan - Source:24.52.108.213, 1745, > WAN - Destination:255.255.255.255, 7782, LAN - UDP scanned port list, > 8777, 8777, 7778, 7779, 7780 - > 08/11/2003 05:14:22.128 - Probable Port Scan - Source:24.52.108.213, 1745, > WAN - Destination:255.255.255.255, 7787, LAN - UDP scanned port list, > 8777, 8777, 7778, 7779, 7780, 7781, 7782, 7783, 7784, 7785 - > > > I did a little digging with google, and it appears that these ports are used > by Unreal Tournament servers. So, after seeing this, I relaxed a little > thinking that someone had just gotten a new game. This morning, I checked > my email, and I have a significant amount of these messages, coming into > different branch offices (we use cable/dsl for internet access) so it can't > just be one person with a new pc. > > Anyone else seeing this? > > Gordon Brandt > Network Engineer > AP Wagner, Inc. > [EMAIL PROTECTED] > > > --------------------------------------------------------------------------- > ---------------------------------------------------------------------------- Not to deflect attention from any possible intrusion attempts, but if this happens primarily over the weekends or after-hours, your office might be inhabitated by a bunch of gamers who cannot afford broadband at home, and are using the office high speed connections to get their fix. :D Since I play UT once in a while (on my home DSL), I can understand their need for a low ping. -- Ranjeet Shetye Senior Software Engineer Zultys Technologies Ranjeet dot Shetye2 at Zultys dot com http://www.zultys.com/ The views, opinions, and judgements expressed in this message are solely those of the author. The message contents have not been reviewed or approved by Zultys. --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
