Full Disclosure mailing list archives
RE: Blaster Side Affect?
From: "Bassett, Mark" <mbassett () omaha com>
Date: Mon, 18 Aug 2003 11:56:28 -0500
We are having major dns issues here also, things are all resolving to 64.62.159.128 Which happens to be owned by Search results for: 64.62.159.128 Hurricane Electric HURRICANE-4 (NET-64-62-128-0-1) 64.62.128.0 - 64.62.255.255 Vicajo Consultants dba Onefusion.com HURRICANE-CE0848-341 (NET-64-62-159-0-1) 64.62.159.0 - 64.62.159.255 # ARIN WHOIS database, last updated 2003-08-17 19:15 # Enter ? for additional hints on searching ARIN's WHOIS database. -----Original Message----- From: Richard Spiers [mailto:dksaarth () unix za net] Sent: Monday, August 18, 2003 10:32 AM To: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Blaster Side Affect? Yeah, can't give details because i'll only be able to look at the machine sometime next week, but I've had a friend phone me and complain that his windows 2000 server is now having trouble with DNS names. ----- Original Message ----- From: "henry j. mason" <hmason () dbsinet com> To: <full-disclosure () lists netsys com> Sent: Monday, August 18, 2003 3:22 PM Subject: Re: [Full-disclosure] Blaster Side Affect?
about 1.5 weeks before the worm appeared, my windows 2000 machine stopped resolving DNS names. a reboot would solve the problem, then after an hour it would stop working again. networking was fine otherwise - resolving hosts via the hosts file worked and you could reach machines by numeric ip address. restarting the DNS client service did nothing. in fact, i never found a solution, and ended up installing windows on new hardware and moving my files over. what a waste of time. i have no idea if this is related to the worm or just a bug in windows (god forbid). but since your symptoms appear to be similar i thought i would mention it. if this is your problem, and you find a fix, i'd really like to know about it... regards, henry Adam wrote:My apologies if this is a stupid question. I haven't seen this
mentioned on
the list yet and I haven't heard about until today when some
customers
called. It seems that after they get the worm ( which I have been
telling
the to update since July...go figure ) and remove it. They can no
longer get
to any websites. Checked all the settings and they are good. They
can ping
outside there network and get email through outlook. Just can't
browse any
websites? Anyone heard of this or why it is happening? Or how to
fix it.
Any help would be greatly appreciated. Adam Richards _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ************************************************************ Omaha World-Herald Company computer systems are for business use only. This e-mail was scanned by MailSweeper ************************************************************ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Blaster Side Affect? Adam (Aug 15)
- Re: Blaster Side Affect? henry j. mason (Aug 18)
- Re: Blaster Side Affect? Richard Spiers (Aug 18)
- <Possible follow-ups>
- RE: Blaster Side Affect? Bassett, Mark (Aug 18)
- Re: Blaster Side Affect? henry j. mason (Aug 18)