Something weird going in ... ZoneAlarm might be good idea :(
Thread Starter
Scooby Regular
Joined: Oct 1999
Posts: 3,491
Likes: 0
No scaremongering, but ...
I had about 3000 alarms in the last 3 days from my PC being scanned.
Looks like another trojan becoming active ...
Just make sure that you have some kind of protection on your PC. ZoneAlarm is pretty good and free, but others may be equally useful.
See
I had about 3000 alarms in the last 3 days from my PC being scanned.
Looks like another trojan becoming active ...
Just make sure that you have some kind of protection on your PC. ZoneAlarm is pretty good and free, but others may be equally useful.
See
Scooby Regular
Joined: May 2000
Posts: 869
Likes: 0
Its good to keep reminding people!
Had a consultant at work this week who complained about a lot of data being sent down his dialup link (which he left connected all day).
It had transferred over 100mb -
netstat -na revealed over 5000 open ports. On reboot, over 2000 ports were opened immediately.
He had a trojan, hadn't updated the virus files in 6 weeks and had no personal firewall. Told him to talk to his IT dept who told him that the laptops were 'self managing' ie he had to do it himself!!!
Regularly updated virus checker plus personal firewall and regular patching isn't just for those of us who run servers....
Had a consultant at work this week who complained about a lot of data being sent down his dialup link (which he left connected all day).
It had transferred over 100mb -
netstat -na revealed over 5000 open ports. On reboot, over 2000 ports were opened immediately.
He had a trojan, hadn't updated the virus files in 6 weeks and had no personal firewall. Told him to talk to his IT dept who told him that the laptops were 'self managing' ie he had to do it himself!!!
Regularly updated virus checker plus personal firewall and regular patching isn't just for those of us who run servers....
Thread Starter
Scooby Regular
Joined: Oct 1999
Posts: 3,491
Likes: 0
OK, just to update ... all scans seem to go to port 80, so it may be the Code Red thing relaunching.
If you are not running IIS, you don't have to worry about this one. Still, recommendation of a personal firewall still holds.
Theo
If you are not running IIS, you don't have to worry about this one. Still, recommendation of a personal firewall still holds.
Theo
Scooby Regular
Joined: May 2000
Posts: 869
Likes: 0
most of the connections to port 80 at the moment will be code red, or one of its variants/children.
i'm seeing >50 attempts per day.
depends on your ip address: a mate's server is getting 200 attempts per day.
oh well, only 10 days of it to go (until the 1st Sept, anyway).
cleanup of code red 1 is easy as its memory based only: reboot, then patch to stop re-infection.
code red 2 is a bit more tricky....plenty of sites with the info needed though.
i'm seeing >50 attempts per day.
depends on your ip address: a mate's server is getting 200 attempts per day.
oh well, only 10 days of it to go (until the 1st Sept, anyway).
cleanup of code red 1 is easy as its memory based only: reboot, then patch to stop re-infection.
code red 2 is a bit more tricky....plenty of sites with the info needed though.
Trending Topics
Thread
Thread Starter
Forum
Replies
Last Post
Mattybr5@MB Developments
Full Cars Breaking For Spares
20
Oct 22, 2015 06:12 AM
jobegold@hotmail.co.uk
ScoobyNet General
43
Sep 24, 2015 02:16 PM
Adam Kindness
ScoobyNet General
0
Sep 15, 2015 03:31 PM