Ethereal

Re: [Ethereal-users] ARP-Protokoll
Google
 
Web Ethereal.com

Home | Introduction | Documentation | Lists | FAQ | Development | Wiki | Bugs

Main Index | Thread Index | Mailing Lists | | Date Prev | Date Next | Thread Prev | Thread Next

Ethereal-users: October 2004

BROWN, JAMES C wrote: 
Hi everyone!  Just an FYI on a new worm.

There is a new worm variant out there which is beginning to be picked up by
the press.  We got hit last week by one called spybot (but NOT related to
the program) which also uses port 445.  We were the first to call it into
NAV who very promptly published a fix.  I'm sure other AV vendors will also
follow suit.  In all our cases the "bot" was trying to scan addresses in the
149.8.x.x and 149.7.x.x ranges and also used port 445.


Should we have some troubleshooting pages on the Wiki that, for example,
describe particular symptoms such as ARP floods, and common causes?  We
might have a link from pages for particular protocols on the Wiki to
pages for symptoms related to those protocols.  We could also have a
top-level troubleshooting page link to them as well.


Powered by MHonArc 2.6.10

Please send support questions about Ethereal to the ethereal-users[AT]ethereal.com mailing list.
For corrections/additions/suggestions for this web page (and not Ethereal support questions), please send email to ethereal-web[AT]ethereal.com.
Last modified: Fri, November 10 2006.
"Ethereal" and the "e" logo are registered trademarks of Ethereal, Inc.