I have been seeing this for awhile in IDS logs. You can patch the problem , which no one seems to do or change permissions on cmd.exe . This hole really causes a lot of problems. K -----Original Message----- From: firewalls-admin@pluto.gnac.com [mailto:firewalls-admin@pluto.gnac.com]On Behalf Of Richard Gilman Sent: Wednesday, June 27, 2001 3:52 AM To: firewalls@pluto.gnac.com Subject: PING VIRUS??? Patch your IIS boxes! Specifically for unicode and directory traversal vulnerabilities...:-) http://support.microsoft.com/support/kb/articles/Q297/8/60.ASP >Lately my network has been swamped!! Cut off our internet connection. Then >after probing our network it turns out some computers had TONS of CMD.exe and >PING.exe running!!! These boxes were PINGing like crazy killing the network. >Has anyone encountered this or can point me to how we got it and how to >rectify it? Rich _______________________________________________ Firewalls mailing list Firewalls@lists.gnac.net http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list Firewalls@lists.gnac.net http://lists.gnac.net/mailman/listinfo/firewalls