cancel
Showing results for 
Search instead for 
Did you mean: 

MS_RPC_DCOM_BufferOverflow

N/A

MS_RPC_DCOM_BufferOverflow

Hello,

I am receiving an alert from Norton Firewall every 5-10 minutes that hosts in the 81.174.*.* range are attempting to access my machine, with the subject line message.

When i run Visual Tracker it shows these addresses as being in the plusnet range.

Does this mean that there are machines in this range that have the Blaster virus and this is its attempt to propagate?

I'm not overly worried as it's blocking them all but it's quite irritating.

TIA.
Smiley
2 REPLIES
N/A

MS_RPC_DCOM_BufferOverflow

Yes, there are still customers within the PlusNet custoemr base infected with blaster.

You should keep a log of the dates, times and IPs, and contact support with regards to it.

It's an ongoing process, however, they are trying to inform all customers of there infection in a bid to help remove the problem.

I should note however, that you won't see any from non-PlusNet addresses, due to a block put in place at the network borders.

There is no place within the PlusNet network, that a simalar block can be placed, to prevent to spreading between customers though.

If PlusNet get a grasp on this, what steps are taken when a customer is investigated with regards to infection?
N/A

MS_RPC_DCOM_BufferOverflow

acarr,

That's what I thought.

Thanks very much for your prompt reply.
Smiley