Question : [DOS attack: STORM]

I have a small home network behind a XYZ Router. I check the router security logs and keep seeing:

==> [DOS attack: STORM] attack packets in last 20 sec from ip [xxx.xxx.xx.xx],

As a fairly new student of PC and network security I still do not know too much… I mean, I know what a denial of service attack is, but not “storm”. I can make a pretty safe assumption that PC with the IP of [xxx.xxx.xx.xx] is being used to launch the attacks and therefore has a virus or whatever.

How do I determine if a PC is actually infected?

How do I get rid of this thing?

Thanks.
Mark

• PC with the IP of [xxx.xxx.xx.xx] is running XP Pro, but uses a wireless adapter

Answer : [DOS attack: STORM]

>> How do I determine if a PC is actually infected?
> the attack has been logged, that means your firewall has identified the attack and denied the requests. your internal PC should not be affected.

as i said earlier, your PCs behind the firewall should be fine. that external attack should NOT be correlated with your internal computers.

let's say, IF your PCs were correlated with some kind of DoS attack, or in other words the PCs have become some kind of Botnet (malware agent), the abnormal traffic should be OUTGOING traffic (at least, mainly), not the incoming traffic that you are suffering from.

hope it helps,
bbao

Random Solutions

Dell Studio 1535 and upgrading (downgrading) to XP Pro

my computer is slow!!!

How do I prevent my app from being indexed by search engines

How to Query Same Table twice using 1 SQL Query ?

file system structure on the disk is corrupt on \Device\HarddiskVolumeShadowCopy31

How do I have an SQL incremental column for each user?

Windows 7 printing on Citrix Windows Server 2003

Terminal Services connections and Exchange 2010

How do I test for a null value in a datagridview cell

How can I grep 2 digital year information in Redhat linux