Question : [DOS attack: STORM]

I have a small home network behind a XYZ Router. I check the router security logs and keep seeing:

==> [DOS attack: STORM] attack packets in last 20 sec from ip [xxx.xxx.xx.xx],

As a fairly new student of PC and network security I still do not know too much… I mean, I know what a denial of service attack is, but not “storm”. I can make a pretty safe assumption that PC with the IP of [xxx.xxx.xx.xx] is being used to launch the attacks and therefore has a virus or whatever.

How do I determine if a PC is actually infected?

How do I get rid of this thing?

Thanks.
Mark

• PC with the IP of [xxx.xxx.xx.xx] is running XP Pro, but uses a wireless adapter

Answer : [DOS attack: STORM]

>> How do I determine if a PC is actually infected?
> the attack has been logged, that means your firewall has identified the attack and denied the requests. your internal PC should not be affected.

as i said earlier, your PCs behind the firewall should be fine. that external attack should NOT be correlated with your internal computers.

let's say, IF your PCs were correlated with some kind of DoS attack, or in other words the PCs have become some kind of Botnet (malware agent), the abnormal traffic should be OUTGOING traffic (at least, mainly), not the incoming traffic that you are suffering from.

hope it helps,
bbao

Random Solutions

disk cleanup options

Manually Inserting form data in a database using Visual Basic in Web Developer 2010 Express

Few users are deleted from Active Directory but thay are still visible as my colleagues in my site

Installing an SSL Certificate in Microsoft Exchange Server 2007

JavaScript and Ajax won't save my data on IE7 but it works fine in IE8

Column: ProductIDText is not full-text searchable.

iSCSI Initiator and multiple connections

Is it possible to create a script that will retrieve data from excel?

Out of Office Message for dismissed employee on Exchange 2007