Great Circle Associates Firewalls
(July 1997)
 


Subject: What the hell am I looking at?
From: Sick Puppy <sikpuppy @ maestro . maestro . com>
Date: Tue, 22 Jul 1997 21:13:11 -0400 (EDT)
To: firewalls @ greatcircle . com

Yes Suh, this be the Dawg.

Come and sniff my rear tonight, give your senses great delight.

CheckItOutCheckItOutCheckItOut

Me and Brian were hired to fix a small network that has severe problems.
Brian is out on parole.

Brian says he thinks we found a new virus.  I think all the reading
he did in prison fucked up what little there is of his brain.

There are two LAN's connected to a small router and a TIS Gauntlet
firewall.  Each LAN has about 200 users and the 10baseT Ethernet
constantly runs at above 3.5 mbps where the throughput drops off sharply.
Most of the users are running Windows 95.

There is some program that _looks like_ a screen saver running in the
background on most of these PC's.  However the users have not installed
screen savers.  The program connects to a web site every 25 seconds and
pulls down an image file.  It doesn't display the image anywhere, it just
drops it.  Web browsers usually cache the stuff they pull down.  This
program isn't caching anything.  It just pulls down the same image over
and over again and drops it.  The log file in the TIS Gauntlet confirms
what my sniffer is showing me.

When a couple of dozen of these PC's start pulling the same image down at
the same time there is a performance drop on their LAN, the TIS firewall
slows down, and their T1 Internet line becomes overloaded.  The
uptime figure on their Gauntlet rises from less than 1.0 to between 40.0
and 50.0.

Brian is sure it's a virus designed to trash networks.  I just plain don't
know.  What the hell are we looking at?

                                    Sick Puppy, the Cat_Eating_Dawg                  
  
Oh she gasped, its long,
and fat,
I don't half like, a tail,
like that.
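
An added example, not part of the original post: one way to confirm from proxy logs the pattern described above, where many clients re-fetch the same URL at a fixed interval. The four-field log format, the addresses and the URL are constructed for illustration and are not the TIS Gauntlet log format.

```python
from collections import defaultdict
from statistics import median

def parse(lines):
    """Yield (timestamp, client, url) from 'epoch client url bytes' lines."""
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        ts, client, url, _size = parts
        yield float(ts), client, url

def find_beacons(lines, min_hits=5, max_jitter=0.1):
    """Return {url: {client: median_interval}} for periodic repeat fetches."""
    hits = defaultdict(list)
    for ts, client, url in parse(lines):
        hits[(client, url)].append(ts)
    beacons = defaultdict(dict)
    for (client, url), times in hits.items():
        if len(times) < min_hits:
            continue
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        mid = median(gaps)
        if mid <= 0:
            continue
        # Periodic if every gap stays within max_jitter of the median gap.
        if max(abs(g - mid) for g in gaps) / mid <= max_jitter:
            beacons[url][client] = mid
    return dict(beacons)

def sample_log():
    """Constructed sample: two PCs polling every ~25 s, one user browsing."""
    lines = []
    for i in range(8):
        lines.append(f"{1000 + 25 * i} 10.0.0.11 http://example.test/img.gif 20480")
        lines.append(f"{1003 + 25 * i + (i % 2)} 10.0.0.12 http://example.test/img.gif 20480")
    for t in (1000, 1004, 1090, 1093, 1300, 1310):
        lines.append(f"{t} 10.0.0.13 http://example.test/index.html 5120")
    return lines

if __name__ == "__main__":
    for url, clients in find_beacons(sample_log()).items():
        print(url, "polled by", len(clients), "clients:", clients)
```

Sorting the result by the number of clients per URL puts a fleet-wide poller like the one in the post at the top, while ordinary browsing with irregular gaps is filtered out.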


