dns.exe virus?

Chris Lewis clewis at nortelnetworks.com
Mon Sep 8 20:52:07 UTC 2003


Christopher J. Wolff wrote:

> After tracking down what I believed was an attempted DOS attack, it
> turns out that two Windows 2000 servers, fully updated, were spewing out
> hundreds of port 53 requests.  Upon further investigation dns.exe was
> hogging 99% of the CPU.  

> I haven't found any reference to this at CERT so I thought I would drop
> the occurrence into the nanog funnel to see what comes out.  The attack
> started around 8AM MST.  Thank you for your consideration.

I wonder if this is the tool used to attack Spamhaus, SPEWS and SORBS.

Do you know what the requests were for?



