Question : [DOS attack: STORM]

I have a small home network behind a XYZ Router. I check the router security logs and keep seeing:

==> [DOS attack: STORM] attack packets in last 20 sec from ip [xxx.xxx.xx.xx],

As a fairly new student of PC and network security I still do not know too much… I mean, I know what a denial of service attack is, but not “storm”. I can make a pretty safe assumption that PC with the IP of [xxx.xxx.xx.xx] is being used to launch the attacks and therefore has a virus or whatever.

How do I determine if a PC is actually infected?

How do I get rid of this thing?

Thanks.
Mark

• PC with the IP of [xxx.xxx.xx.xx] is running XP Pro, but uses a wireless adapter

Answer : [DOS attack: STORM]

>> How do I determine if a PC is actually infected?
> the attack has been logged, that means your firewall has identified the attack and denied the requests. your internal PC should not be affected.

as i said earlier, your PCs behind the firewall should be fine. that external attack should NOT be correlated with your internal computers.

let's say, IF your PCs were correlated with some kind of DoS attack, or in other words the PCs have become some kind of Botnet (malware agent), the abnormal traffic should be OUTGOING traffic (at least, mainly), not the incoming traffic that you are suffering from.

hope it helps,
bbao

Random Solutions

Folder Redirection - Netgear ReadyNAS

Auto complete in Outlook 2010

ASP.NET - why would I get this error on my host when I do not get it on my localhost

New user able to send but not able to receive email

Server SBS 2003 DHCP & DNS issue

Override default gateway set by cisco anyconnect VPN client

how to empty a mailbox of microsft exchange2000 from the server?

Lables printing problem using MS Word

UK Stock Price Feed

outlook 2007 keeps faulting in module msoert2.dll