- This topic has 5 replies, 3 voices, and was last updated 11 years, 1 month ago by
.
-
Posts
-
-
Hi, need advise please, there is conficker on my network althought all pc now
is clean there is some question i need to ask, if i plug the new pc/unpatched pc(XP) on network in some unknown time the AV will give warned about the conficker, so i just try to run wireshark on the new pc/unpatched and sometime
i got the random packet source to dest and different port but in a random time to.Could anyone give me some advise about what the next step i should do cause i had block some pc which try to connect to conficker server i had seen
the activity from my log router.Thanks a lot. 🙂
Regards,
Nubie -
-
Yes, that’s correct johnfellers, but when i check using wireshark on unpatched new pc
to sniff packet on network it got warned AV but the source is come from pc on network, on wireshark when i right click some packet and follow tcp stream the av
pop up and warned about conficker.Thank’s a lot for your reply and i’m very hope for your advise please. 🙂
Regards,
Nubie -
-
Yes, i’ve been thinking like that too however when i checked again that machine there is no conficker found, is that possible for the new pc unpatched being the gateway for conficker to other machine on network cause on the packet i’ve seen on wireshark sometime the new pc unpatched being the source to destination some machine on network(patched) ?.
Thank’s a lot for your reply timmedin. 🙂
Regards,
Nubie -
-
- You must be logged in to reply to this topic.
