Workaround for Welchia and Sasser Internet Worms in Kumamoto University
-
- Yasuo Musashi
- Center for Multimedia and Information Technologies, Kumamoto University
-
- Kenichi Sugitani
- Center for Multimedia and Information Technologies, Kumamoto University
-
- Ryuichi Matsuba
- Center for Multimedia and Information Technologies, Kumamoto University
-
- Toshiyuki Moriyama
- Department of Civil Engineering, Faculty of Engineering, Sojo University
Search this article
Abstract
<p>The syslog messages of the iplog-2.2.3 packet capture in the DNS servers in Ku mamoto University were statistically investigated when receiving abnormal TCP packets from PC terminals infected with internet worms like W32/Welchia and/or W32/Sasser.D worms. The interesting results are obtained: (1) Initially, the W32/Welchia worm-infected PC terminals for learners (920 PCs) considerably accelerates the total W32/Welchia infection. (2) We can suppress quickly the W32/Sasser.D infection in our university when filtering the access between total and the PC terminal's LAN segments. Therefore, infection of internet worm in the PC terminals for learners should be taken into consideration to suppress quickly the infection.</p>
Journal
-
- Journal for Academic Computing and Networking
-
Journal for Academic Computing and Networking 8 (1), 5-8, 2004-09-17
National university corporation of Information Processing Center Council
- Tweet
Details 詳細情報について
-
- CRID
- 1390564238109542656
-
- NII Article ID
- 130007688517
-
- NII Book ID
- AA1116901X
-
- ISSN
- 24337595
- 13432915
-
- NDL BIB ID
- 7106087
-
- Text Lang
- en
-
- Data Source
-
- JaLC
- NDL
- CiNii Articles
-
- Abstract License Flag
- Disallowed