Full Disclosure mailing list archives
AW: [fd] AW: attacks shutting down windows mach ines?
From: vogt () hansenet com
Date: Tue, 12 Aug 2003 13:16:28 +0200
I wouldn't go by such anecdotal evidence as shutdown/reboot times. Check your event viewer logs for RPC/DCOM errors, monitor your network traffic, check for the suspicious files on the systems, scan for the ports opened by the worm, etc....
I would. Unfortunately, these are customer systems. We're an ISP. So whatever survives the filter (Machine)->(customer-brain)->(hotline)->(me) is what I have. Tom Vogt _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- AW: [fd] AW: attacks shutting down windows mach ines? vogt (Aug 12)