dns.exe virus?
Chris Lewis
clewis at nortelnetworks.com
Mon Sep 8 20:52:07 UTC 2003
Christopher J. Wolff wrote:
> After tracking down what I believed was an attempted DOS attack, it
> turns out that two Windows 2000 servers, fully updated, were spewing out
> hundreds of port 53 requests. Upon further investigation dns.exe was
> hogging 99% of the CPU.
> I haven't found any reference to this at CERT so I thought I would drop
> the occurrence into the nanog funnel to see what comes out. The attack
> started around 8AM MST. Thank you for your consideration.
I wonder if this is the tool used to attack Spamhaus, SPEWS and SORBS.
Do you know what the requests were for?
More information about the NANOG
mailing list