|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: zero (zeroboy
arrakis.es)Date: Wed Apr 03 2002 - 15:56:27 CST
At 13:27 03/04/2002 -0600, you wrote:
>Recently some computers on a few LANs on our network were sending full size
>packets and were the top talkers on campus.
Have you analyzed the packets? Which protocol? Which destination? Which
source port?
>When we looked into this
>further, it appeared that all the machines were Windows machines with a
>service called either ntsds.exe or ntsdc.exe. This service couldn't be
>stopped. The only way to keep it from loading was to rename the file. The
>traffic ceased when we finally were able to stop the service. I can't seem
>to find anything about this service anywhere. Has anyone else on the list
>experienced this or can point me in the right direction? Thanks
It can be many things, a DDoS client maybe?
Any clues?
www.citfi.org
www.podergeek.com
**********************************
"The further backward you look, the further forward you can see" Winston
Churchill
"Access is GOD..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]