Quote:
Originally posted by SinEmpire
Ok here's the deal
finally something conclusive!!
One of my own servers running SQL seemed to be affected. I terminal service'd in and it was at 100% CPU utilization. From MRTG I could see that there was a problem because the system that normally averages 30kb/s out was at 2700kb/s out... evidence of some type of outgoing attack.
I was unable to just stop the SQL service so I set it to 'disable' and rebooted the fucker. Also, I disabled the RPC service. Then I rebooted. Everything looks ok, system is at 1% CPU utilization as usual and there is no more outgoing traffic... looks like I'll just wait till morning on this one to try and figure out how I can safely start the SQL service back up.
This system WAS patched with the Microsoft critical update just the other day. Not sure what's going on but I'm sure we'll see a definitive http://www.cert.org update shortly.
Best of Luck
Brad
Brad, simply ask your host to block UDP at port 1434 at the routers.