Solved

Large number of internet sessions - ?Virus or ?Hacker

Posted on 2007-04-08
8
1,050 Views
Last Modified: 2013-12-04
Hi Experts. I have received a broadband connection Alert from BT. Error: The following devices on your network are using a large number of internet sessions. ADVENT -7113. They say it is a blaster virus most probably. If I google this term I get mostly references to a Laptop. Could this be a sign that someone using this type of laptop is ripping off my connection. Thanks!
0
Comment
Question by:Nasturtiumman
  • 3
  • 3
  • 2
8 Comments
 
LVL 4

Assisted Solution

by:AndrewCink
AndrewCink earned 240 total points
ID: 18873364
It does not sound like someone with a laptop is causing problems with your connection, although if you have a public wireless access point, maybe they are using your connection wirelessly to send this bad traffic.

It sounds like you may have an infected machine on your network. If you have a log of some sort, try to look for which IP is sourcing the traffic, then take it off your network until you can clean it with antivirus software. If you have a firewall, you can look through its logs to see your sessions and where they are coming from if it's a decent one.

If not, you'll have to play a guessing game and go through all of the machines on your network and either unplug them or clean them until you find the infected machine(s).

If you do have a wireless access point, I recommend changing the SSID, not broadcasting the SSID, and set up a password for access so that malcontents cannot easily get on to your network to send this sort of traffic.

Andy
0
 
LVL 32

Expert Comment

by:r-k
ID: 18873617
How many machines are on your network?

If just a few, open a command window on each and type:

> netstat -ab

to see what sessions are open.

If you have a wireless access point then do lock it down with WPA as suggested by Andy above.
0
 

Author Comment

by:Nasturtiumman
ID: 18873631
Hi Its in my shop, and I`m at home now, but there is a wireless router, but only one PC connected. My son uses his laptop there. We have a WEP key enabled, and SSID broadcast disabled.
0
 
LVL 32

Accepted Solution

by:
r-k earned 260 total points
ID: 18873657
"We have a WEP key enabled"

I would suggest switching to WPA instead for greater security. WEP is fairly easy to break.

Would be interesting to see the results of "netstat -ab" when you back at the shop.
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 

Author Comment

by:Nasturtiumman
ID: 18874733
Thanks guys will report back in a couple of days N.
0
 
LVL 4

Expert Comment

by:AndrewCink
ID: 18887498
I may misunderstand, but if there is only one wireless PC, I'd recommend disabling the wireless and try using a wired connection for a couple days and see if it goes away. That would at least eliminate the possibility of someone else using the wireless. Then you could be sure it's definitely a device inside your network...
0
 

Author Comment

by:Nasturtiumman
ID: 19036615
Problem solved, it was in fact my son's laptop!, but I have improved my security based on your advice. Thank-you!
0
 
LVL 32

Expert Comment

by:r-k
ID: 19036850
Thanks. Glad things are better now.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Monitoring software... 2 51
antivirus on mac 8 73
Windows Defender struggles to check for updates. 9 55
GPO not applying to designated group-- Server 2012R2 2 54
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

948 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now