Question : [DOS attack: STORM]

I have a small home network behind a XYZ Router.  I check the router security logs and keep seeing:

 ==> [DOS attack: STORM] attack packets in last 20 sec from ip [xxx.xxx.xx.xx],

As a fairly new student of PC and network security I still do not know too much… I mean, I know what a denial of service attack is, but not “storm”.  I can make a pretty safe assumption that PC with the IP of [xxx.xxx.xx.xx] is being used to launch the attacks and therefore has a virus or whatever.  

How do I determine if a PC is actually infected?

How do I get rid of this thing?


Thanks.
Mark

•      PC with the IP of [xxx.xxx.xx.xx] is running XP Pro, but uses a wireless adapter

Answer : [DOS attack: STORM]

>> How do I determine if a PC is actually infected?
> the attack has been logged, that means your firewall has identified the attack and denied the requests. your internal PC should not be *affected*.

as i said earlier, your PCs behind the firewall should be fine. that external attack should NOT be correlated with your internal computers.

let's say, IF your PCs were correlated with some kind of DoS attack, or in other words the PCs have become some kind of Botnet (malware agent), the abnormal traffic should be OUTGOING traffic (at least, mainly), not the incoming traffic that you are suffering from.

hope it helps,
bbao
Random Solutions  
 
programming4us programming4us