Re: lug-bg: ping flood - virus ?
- Subject: Re: lug-bg: ping flood - virus ?
- From: "G. Georgiev (Skeleta)" <g_georgiev.sz@xxxxxx>
- Date: Tue, 02 Sep 2003 15:38:33 +0300
raptor wrote:
zdraweite,
move li da mi kavete koi e toq wirus ot skoroshnite deto se poqwiha koito, generira ping-flood ot zarazeniq komputyr ... kato zapochwa ot mrevata w koqto se namira ...i taka nared nared...uwelichawa C-clas-a s 1..primerno
192.168.1.0/24
posle
192.168.2.0/24
192.168.3.0/24
...etc...
weche blokirah izhodqshtiq ping ama da znam na klientite da im kava koq antivirusna da si drypnat...
Kazva se LoveSan.D ili Welchia ili Nachi.worm.
Dobre e da blokirash ping i tcp port 135.
Tova e taka nare4enia 'dobar' worm, deto triabva da ti instalira
pachovete na M$.
Zaraziava NT 4.0 i nagore.
Ne znam zashto v antivirusnite web-stranici go broiat za sredno opasen,
sled kato blokira s ping-ove
trafika i lekuvaneto mu e dosta tromava i bavna procedura (opisvam ia za
komputer s otkachena mrejova karta):
1. S niakakav cleaner (primerno clrav.com na Kaspersky) se ubiva virusa.
2. Slaga se service pack 4 ako ste na Win 2000 (tozi file e kam 130M).
3. Slaga se security patch za saotvetnata MS boza. (okolo 1M file)
Sichko tova otnema na Win 2000 pone 30 minuti, t.e. pravilnata procedura
se pravi samo ot
saznatelen mrejovi administrator, poradi koeto ne mi e iasno kolko
meseca shte cirkulira iz
mrejite.
Niakoi Cisco routeri mnogo lesno se blokirat ot flood-a, koeto prekasva
uslugite v golemite intranet mreji.
================================
Ima i mnogo leko le4enie:
Kaji na klientite si da minat na Win 98 !!!
--
Skelet
------ http://skelet.hit.bg/
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================
|