HELP!!!! WMF Escape TARGETS MY NETWORK!!!??! :ANGERY:

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

0vermind

Thread Starter
Joined
Nov 15, 2005
Messages
162
Okay today I checked my kerio log files to find this.....

Sunbelt Kerio Personal Firewall -IDS- said:
[02/Jan/2006 18:26:34] "Ids" action = 'denied', raddr = '85.255.113.242', msg = 'EXPLOIT WMF Escape Record Exploit - Web Only', url = 'http://www.frsirt.com/english/advisories/2005/3086', direc = 'in', class = 'unknown', priority = low
[02/Jan/2006 18:26:36] Last message repeated 4 times
[02/Jan/2006 18:26:36] "Ids" action = 'denied', raddr = '85.255.113.242', msg = 'EXPLOIT WMF Escape Record Exploit - Web Only', url = 'http://www.frsirt.com/english/advisories/2005/3086', direc = 'in', class = 'unknown', priority = low
[02/Jan/2006 18:26:42] "Ids" action = 'denied', raddr = '85.255.113.242', msg = 'EXPLOIT WMF Escape Record Exploit - Web Only', url = 'http://www.frsirt.com/english/advisories/2005/3086', direc = 'in', class = 'unknown', priority = low
[02/Jan/2006 18:26:50] "Ids" action = 'denied', raddr = '85.255.113.242', msg = 'EXPLOIT WMF Escape Record Exploit - Web Only', url = 'http://www.frsirt.com/english/advisories/2005/3086', direc = 'in', class = 'unknown', priority = low
[02/Jan/2006 18:27:07] "Ids" action = 'denied', raddr = '85.255.113.242', msg = 'EXPLOIT WMF Escape Record Exploit - Web Only', url = 'http://www.frsirt.com/english/advisories/2005/3086', direc = 'in', class = 'unknown', priority = low
[05/Jan/2006 19:16:41] "Ids" action = 'detected', raddr = '137.229.154.131', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan
[05/Jan/2006 19:17:54] "Ids" action = 'detected', raddr = '137.229.154.131', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan
[05/Jan/2006 19:18:18] "Ids" action = 'detected', raddr = '137.229.154.131', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan
[06/Jan/2006 07:06:42] "Ids" action = 'detected', raddr = '192.150.18.61', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan
[10/Jan/2006 07:12:36] "Ids" action = 'detected', raddr = '66.102.7.99', msg = 'PortScan', url = '', direc = 'in', class = 'network-scan', priority = portscan
Unfortanitly, I warned people in my network and they simply replied "WERE BEHIND COMCAST WIRELESS NETWORK GATEWAY I DON'T NEED MY ANTIVIRUS ON, A FIREWALL INSTALLED, OR AUTOMATIC UPDATES ON!!" I worried about my network does this mean that only my computer was protected and all the other computers were/are attacked??

Thanks,
Michael
 
Joined
Jul 8, 2002
Messages
14,681
We can't tell what may or may not have happened to your other computers, you'd have to run a virus scan on each of them.
 

0vermind

Thread Starter
Joined
Nov 15, 2005
Messages
162
Are you sure a virus scan would do it?? I scanned one of them that I sure got attacked (scanned with AVG Pro) found nothing!!
 
Joined
Jul 8, 2002
Messages
14,681
How do you know it was attacked? Any updated A/V should be detecting this, maybe the computer was not infected.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top