KWSN Orbiting Fortress Forum Index KWSN Orbiting Fortress
KWSN Distributed Computing Teams forum
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Is someone preparing a DoS attack on me?

 
Post new topic   Reply to topic    KWSN Orbiting Fortress Forum Index -> Ye Olde Help Scrolls
View previous topic :: View next topic  
Author Message
The Knighty NI
Prince
Prince


Joined: 06 Sep 2007
Posts: 780
Location: Lost in space on a rather small Blue ping pong ball. :)

PostPosted: Tue Jan 17, 2012 5:35 pm    Post subject: Is someone preparing a DoS attack on me? Reply with quote

My firewall over the last few days has intercepted MS02-039_SQL_SERVER_RESOLUTION_EXPLOIT

There are four source IP's for all the interceptions so far with one of them only showing up once. All the interceptions are coming to my IP address where I connect to the internet. The latest interception was this afternoon at about 4pm GMT.

I checked it out on the Trend Micro Threat site and it seems to be a very old vulnerability from back in 2002.

http://about-threats.trendmicro.com/archivevulnerability.aspx?language=us&name=MS02-039_SQL_SERVER_RESOLUTION_EXPLOIT

What are your thoughts Kniggets and Kniggetesses?
_________________
What is that in the Shrubbery?
Back to top
View user's profile Send private message
Pooh Bear 27
Prince
Prince


Joined: 28 Jan 2005
Posts: 1354
Location: Fond du Lac, WI

PostPosted: Tue Jan 17, 2012 5:40 pm    Post subject: Reply with quote

Probably a Worm out there doing address checks to search for certain things and if found roll a real attack. Your ISP may be the one that is actually being searched through and they've hit all the addresses across the space a few times just to see what they find.
Back to top
View user's profile Send private message
The Knighty NI
Prince
Prince


Joined: 06 Sep 2007
Posts: 780
Location: Lost in space on a rather small Blue ping pong ball. :)

PostPosted: Tue Jan 17, 2012 5:45 pm    Post subject: Reply with quote

Thanks Pooh. Do you think I should alert my ISP to this to see if there is anything going on generally on the IP addresses my ISP owns?

Also to see if they are able to do anything about this generally for all other users of my ISP?
_________________
What is that in the Shrubbery?
Back to top
View user's profile Send private message
PhastPhred
Prince
Prince


Joined: 22 Mar 2006
Posts: 6017
Location: Northwest AR (USA)

PostPosted: Tue Jan 17, 2012 6:48 pm    Post subject: Reply with quote

SLAMMER!! Yeah, been around awhile! 2010 article from Kaspersky Labs at
http://threatpost.com/en_us/blogs/inside-story-sql-slammer-102010
Quote:
As I write this in 2010, Slammer is still out there, nearly eight years after release, still doing the rounds, so to speak. This is at worst an annoyance as, fortunately, Slammer had no destructive payload but it does suggest that there are still unpatched SQL and MSDE installs out there. This is incredible to me but unpatched systems are definitely few and far between. One positive aspect of Slammer was the effect it had on patching – prior to Slammer I’d guesstimate, from the results of penetration tests and so on, that 9 out of 10 SQL Servers were unpatched. Immediately after Slammer this reversed leaving 1out of 10 unpatched. Patching was 100% effective in preventing reinfection and so, in its own ironic way, Slammer helped make the Internet that little bit more secure.

_________________
Back to top
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    KWSN Orbiting Fortress Forum Index -> Ye Olde Help Scrolls All times are GMT - 5 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Optimized Seti@Home App | BOINC Stats