From: S.G. (sgcchono.com)
Date: Mon Jan 07 2002 - 04:17:17 CST


    When TFTP is run from a Windows NT system (oh, let's say to
    download an infected file), what would cause it to leave behind an
    empty TFTP temp file, such as tftp###, which has no size (0 bytes)?
    Would this indicate a failed download due to firewall blocking or the
    target system being unavailable, or something else?

    This happens to be Nimda related (other network traffic pointed to this
    as well), but I'm more interested in the TFTP temp file behavior on
    WinNT right now. BTW, the system was not successfully infected.
    The TFTP Gets were run, but no data seemed to cross the network,
    though these empty tftp temporary files were created on the client
    (from where the TFTP Gets were run). Any insight into the cause of
    this behavior (the 0-byte files) would be much appreciated.

    S.G.