Patch *after* reinstalling from scratch at this point, the machines have been compromised and exploited at this point. Thanks, Ron DuFresne On Wed, 27 Jun 2001, Richard Gilman wrote: > Patch your IIS boxes! Specifically for unicode and directory traversal > vulnerabilities...:-) > http://support.microsoft.com/support/kb/articles/Q297/8/60.ASP > > >Lately my network has been swamped!! Cut off our internet connection. Then > >after probing our network it turns out some computers had TONS of CMD.exe > and > >PING.exe running!!! These boxes were PINGing like crazy killing the > network. > > >Has anyone encountered this or can point me to how we got it and how to > >rectify it? > > Rich > > _______________________________________________ > Firewalls mailing list > Firewalls@lists.gnac.net > http://lists.gnac.net/mailman/listinfo/firewalls > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Firewalls mailing list Firewalls@lists.gnac.net http://lists.gnac.net/mailman/listinfo/firewalls