Re: Virus is getting domain account listing
From: Ronda Allen (ronda.allen_at_state.co.us)
Date: 05/10/04
- Previous message: David Carlin: "Re: Virus is getting domain account listing"
- Maybe in reply to: David Carlin: "Virus is getting domain account listing"
- Next in thread: Harlan Carvey: "RE: Virus is getting domain account listing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 10 May 2004 12:21:53 -0600 To: <focus-ms@securityfocus.com>
About a year ago we experienced the same issue when 2 machines on our
network were infected with a Trojan called Backdoor.gen. We could see
failed logon attempts in the Security Event Viewer on the DC's on the
Windows 2000 domain ....and this will also tell you what machine on your
network is infected. When you find the machine that is attacking your
network you should run a full virus scan and see if the trojan is
detected. Strange thing is that the Trojan was not detected until a
full scan was run on the infected machine...even though the dats were up
to date.
RLA
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Previous message: David Carlin: "Re: Virus is getting domain account listing"
- Maybe in reply to: David Carlin: "Virus is getting domain account listing"
- Next in thread: Harlan Carvey: "RE: Virus is getting domain account listing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
