[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [afnog]Slow internet access
- To: Jean Robert HOUNTOMEY <hrobert at isertech.net>,Cletus Okolie <cletus_okolie at yahoo.com>, woody at pch.net
- Subject: Re: [afnog]Slow internet access
- From: Robert Longla <rtlongla at yahoo.co.uk>
- Date: Wed, 10 Sep 2003 16:06:49 +0100 (BST)
- Cc: afnog at afnog.org
- Content-Transfer-Encoding: 8bit
- Content-Type: text/plain; charset=iso-8859-1
- Delivered-To: afnog-archive at lists.eahd.or.ug
- Delivered-To: afnog at afnog.org
- In-Reply-To: <007601c377a1$08737450$53bf383e at DG>
- List-Archive: <http://listserv4.cfi.co.ug/pipermail/afnog>
- List-Help: <mailto:afnog-request at afnog.org?subject=help>
- List-Id: The AfNOG general discussion list <afnog.afnog.org>
- List-Post: <mailto:afnog at afnog.org>
- List-Subscribe: <http://listserv4.cfi.co.ug/mailman/listinfo/afnog>,<mailto:afnog-request at afnog.org?subject=subscribe>
- List-Unsubscribe: <http://listserv4.cfi.co.ug/mailman/listinfo/afnog>,<mailto:afnog-request at afnog.org?subject=unsubscribe>
- Sender: afnog-bounces at afnog.org
Hi Jean Robert
I have just installed ethereal but don't know how to
use it to sniff my network. Could you give me some
basic steps.
Robert
--- Jean Robert HOUNTOMEY <hrobert at isertech.net>
wrote: > Hi Cletus, Hope you find a solution for your
> problem.
>
> You can try to sniff your network with ethereal and
> look at ICMP
> request.
>
> If you are sure that it is a virus,
>
> What you should do:
>
> 1. Here are the links at Symantec to download the
> removal tools for the
> 3 viruses. Download them and use them on all
> infected IPs
>
http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f at mm.r
> emoval.tool.html
>
http://securityresponse.symantec.com/avcenter/venc/data/w32.welchia.worm
> .removal.tool.html
>
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm
> .removal.tool.html
> For the nachi-worm:
>
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
> ity/virus/alerts/nachi.asp - look under PREVENTION
>
> 2. Also, attached is a link for Microsoft Patch for
> Welchia virus:
>
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
> ity/bulletin/MS03-026.asp
> The patch is MS03-026 and is VERY important to
> install
>
> 3. In order to check if things improve, you can try
> to disconnect the
> problematic IPs.
>
> NOTE: the nachi-worm pings many IPs on the network,
> in order to verify
> what is alive. This might cause ROUTER PERFORMANCE
> DEGRADATION due to
> high CPU usage, meaning, your CPU will jump up from
> 10% to 99%. This can
> cause the router to discard packets and to delay in
> processing the other
> packets it does not drop. Here is the Cisco link to
> read about the
> nachi-worm. It contains also the measures to
> mitigate it:
>
http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_tech_note0
> 9186a00801b143a.shtml
>
>
>
> __________________________________________________
> This is the Africa Network Operators' Group(AfNOG)
> technical discussion list.
> The AfNOG website is: <http://www.afnog.org>
=====
Robert Longla
Hidel Technologies
P. O. Box 126
Bamenda, Cameroon
Tel: 237-336 3393
Cel: 237-762 1818
Fax: (1)413 812 7861
________________________________________________________________________
Want to chat instantly with your online friends? Get the FREE Yahoo!
Messenger http://mail.messenger.yahoo.co.uk
__________________________________________________
This is the Africa Network Operators' Group(AfNOG)
technical discussion list.
The AfNOG website is: <http://www.afnog.org>