republican-creole
site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Broadband Tech > Security > Security > Nachi the new champion bad boy

Search Topic:
 Share Topic
Posting?
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
AuthorAll Replies


Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
kudos:3
Reviews:
·Shaw

reply to R2

Re: Nachi the new champion bad boy

A regular ping has as packet data:

abcdefghijklmnopqrstuvwabcdefghi

whereas in a Nachi ping the packet contents are:

ªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªªª

Note this is supposed to Ascii character 'AA' but it doesn't display correctly in the posting (it is also known as a 'CyberKit ping').

Also note the length of the packet data is different as well.

I'm sure the author of the Nachi worm did this by design as it allows you identify Nachi infected systems by the content (and size) of the ping packet.

Blake
--
»www.SonicLogger.com - Logging Software for SonicWall and 3Com
»www.LinkLogger.com - Logging Software for Linksys, Netgear and Zyxel
to forum · permalink · 2003-11-19 08:15:49 ·


R2
R Not
Premium,MVM
join:2000-09-18
Long Beach, CA
kudos:1

Understand. Thanks.

to forum · permalink · 2003-11-19 08:48:16 ·
Forums > Broadband Tech > Security > Security

Sunday, 03-Jun 14:21:18 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online © 1999-2012 dslreports.com.
Most commented news this week
Hot Topics