Welchia.

  • Thread starter Thread starter mg
  • Start date Start date
M

mg

Shit is this a bad virus. We got it a month or so ago and managed to clean
most PC's. But we got re-infected today. It was pushing thousands of packets
and a consistant 2Mb through a core router.

It was only that we had a Packeteer and were able to limit icmp to 1kb that
we were able to recover. We've now blocked icmp on all WAN routers and
logging all traffic. What a day!

I'd love to get the Welchia author in a padded cell for a few minutes, I'd
throw thousands of punches for his thousands of packets. That's my whinge
for today, goodnight.
 
In
mg said:
Shit is this a bad virus. We got it a month or so ago and managed to
clean most PC's. But we got re-infected today. It was pushing
thousands of packets and a consistant 2Mb through a core router.

It was only that we had a Packeteer and were able to limit icmp to
1kb that we were able to recover. We've now blocked icmp on all WAN
routers and logging all traffic. What a day!

I'd love to get the Welchia author in a padded cell for a few
minutes, I'd throw thousands of punches for his thousands of packets.
That's my whinge for today, goodnight.
Click to expand...

It would be better to patch immediately after the first attack !

Repeat after me "I must apply MSF security patches as soon as they are
available".

--

Jean-Luc Cavey
Paris, France
E-Mail : (e-mail address removed)
http://canon.cavey.org/
 
Shit is this a bad virus. We got it a month or so ago and managed to clean
most PC's. But we got re-infected today. It was pushing thousands of packets
and a consistant 2Mb through a core router.

It was only that we had a Packeteer and were able to limit icmp to 1kb that
we were able to recover. We've now blocked icmp on all WAN routers and
logging all traffic. What a day!

I'd love to get the Welchia author in a padded cell for a few minutes, I'd
throw thousands of punches for his thousands of packets. That's my whinge
for today, goodnight.
Click to expand...
I found it in the windows restore folder, a protected folder. Had to
shut off restore, delete it, and restart restore.
 
Back
Top