einde raad hellkern worm

Beste,

Wie kan me helpen? Ik krijg dagelijks min. 10 keer het onderstaand berichtje van een attack op mijn scherm,kaspersky antivirus geeft dan het onderstaand berichtje weer. Ik heb computer in save modus al verschillende keren gescand. Adawere doet ook niets.

Been attack from internet Network attack intrusion.win.MSSQL worm hellkern from adress 10.96.1.2 has been succesfull repelled.

bedankt,

Stefan

Reply to
flux
Loading thread data ...

Dit is en engelse nieuwsgroup, dus zalde u engels schrijven.

That looks like a message of an inbound attack, so it's most likely not your computer that is infected (I suppose 10.96.1.2 is not the IP address of your box). You can use a network sniffer (e.g. Ethereal) to make sure. If it is an inbound attack (and you are not running an MS SQL-Server or MSDE) you can safely ignore these messages.

cu

59cobalt
Reply to
Ansgar -59cobalt- Wiechers

| > Been attack from internet | > Network attack intrusion.win.MSSQL worm hellkern from adress 10.96.1.2 | > has been succesfull repelled. | | That looks like a message of an inbound attack, so it's most likely not | your computer that is infected (I suppose 10.96.1.2 is not the IP | address of your box). You can use a network sniffer (e.g. Ethereal) to | make sure. If it is an inbound attack (and you are not running an MS | SQL-Server or MSDE) you can safely ignore these messages. |

NetRange: 10.0.0.0 - 10.255.255.255 CIDR: 10.0.0.0/8 NetName: RESERVED-10 Parent: NetType: IANA Special Use NameServer: BLACKHOLE-1.IANA.ORG NameServer: BLACKHOLE-2.IANA.ORG Comment: This block is reserved for special purposes. Comment: Please see RFC 1918 for additional information.

In other words: the attack is NOT coming from the public internet, but from something inside your local network. If your PC is part of a company network: warn your system administrator. If your PC is part of a home network: one of he other PCs on the home network is infected.

SB

Reply to
Spam Buster

[...]

First, it's not my network. Second, you man want to read [1] to understand that a source IP from a private network doesn't necessarily mean that the packet came from the LAN. Third, we don't know anything about the OP's LAN, so we can't possibly know whether there is a box with IP 19.96.1.2 on his LAN. So the attack may or may not come from his LAN. It may even be the AV software misinterpreting packets.

[1]
formatting link
cu 59cobalt
Reply to
Ansgar -59cobalt- Wiechers

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.