|
Post by ogeezer on Nov 8, 2006 9:42:51 GMT -6
is WC Unleashed UNDER ATTACK
Only made 2 topic links online today but my Antivirus detected & blocked a Worm Intrusion with following data:
#1: Intrusion: MSRPC SrvSvc NetApi Buffer Overflow (2) Intruder: 82.135.87.41 (4423) Risk Level: High Protocol: TCP Attacked IP: OWNER (64.147.65.94) Attacked Port: netbios-ssn (139)
#2 Intrusion: MSRPC SrvSvc NetApi Buffer Overflow (2) Intruder: 219.109.125.139 (3382) Risk Level: High Protocol: TCP Attacked IP: OWNER (64.147.65.120) Attacked Port: netbios-ssn (139)
Don't know what all the preceeding means but that's it. Watch out!
|
|
|
Post by Webmaster on Nov 8, 2006 10:10:54 GMT -6
It was most likely one of the banners. Some here use Firefox with the ad blocker which disables any attempts through those points. Some yet, even use the Norton's Internet Security which also blocks banner advertisements and flash advertisements as well.
At any rate it's not uncommon to have an advertisements on various internet sites infected with one thing or another. It only furthers the importance of having up to date virus software and firewall protection. I've surfed around the site so far an have not run into anything yet but I will keep my eye out ogeezer. I'll also check our provider and see if any information has popped up about it there as well.
Thanks again for pointing this out.
|
|
texas_gal
Founding Member
aka srvchild
Posts: 3,027
|
Post by texas_gal on Nov 8, 2006 10:15:11 GMT -6
Banners? oh yeah..those annoying things. Thank God for Firefox with Adblocker
|
|
|
Post by Mad Scientist on Nov 12, 2006 4:13:55 GMT -6
snip-- Don't know what all the preceeding means... A buffer overflow happens when the sender manages to put more data in than is expected - leading to 'unpredictable' results, Very common method these days. Google it. The first was from Amsterdam, NL, the second from Milton, AU. Your provider is Intertex Information Systems, Inc. out of Richmond. You were attacked on port 139 - see www.iss.net/security_center/advice/Exploits/Ports/139/default.htm
|
|
|
Post by ogeezer on Nov 12, 2006 17:36:17 GMT -6
Thanx MadScientist for the info tho I'm not real sure what thats in iss.net means ... having had to upgrade to a new CPU recently after my Jurrasic Park Windows 98 system crashed completely, I'm not at all sure what the EC Computer Center put into / left open when they installed my IP as XP has features my previous system didn't and lacks some features other one did. Anyway, that's a Kudo to you!
|
|