Virus On Military Network

2010-06-21
By Ramuh.Krizz 2009-12-04 16:17:36  
Ok, serious question for you folks. Particularly those in IT fields.

Today we've had a site calling up telling us they have a virus that fills up the HD.

According to our network administration (who sucks, btw), the problem is an isakmp.log file. The program IreIKE.exe is filling it up.

Now this program / log is part of VPN software running on all the computers.

So far the only solution we have thought of or found is a system restore to a previous date. We have no idea what is causing this problem. My thought is that it could be a configuration error or obviously a virus.

Unfortunately I don't have a machine here locally with the virus to do hands-on troubleshooting.

Anyone heard of this?

Edited at 1800 to clarify the number of sites. Only one confirmed with this problem. The others were different issues.
By Seraph.Caiyuo 2009-12-04 16:52:22  
Well, initially if it's a .log file that's rapidly gaining in size I'd first think that some machine/server/router is either spamming error notices or was left in Debug mode when previously trying to fix something and as such is having all of the network activity for those particular protocols being written to log files.

The specifics would be better left to the Admin as far as what's happening with the security VPN software and protocol you're using, but a really similar situation occurred in a completely unrelated way when an IP-blocking program I'd used was set to write and archive all logs for allowed and blocked IPs once a day and suddenly 19GB vanished! lol
By Ramuh.Lilbusta 2009-12-04 17:22:57  
Well, from some of the things I've read about that log file, if someone was trying to connect to your network it would log it. For that log to fill the whole HDD in minutes would be quite a bit of machines trying to access that VPN at the same time, similar to a DoS attack.
By Asura.Korpg 2009-12-04 17:27:58  
yay for somebody hacking into our military network so they can launch some nukes -.-
By Hades.Hiryo 2009-12-04 18:00:24  
And so it begins!


Hello Skynet!


Goodbye world!
By Ramuh.Krizz 2009-12-04 18:16:29  
Whenever files are deleted, the log file expands to fill that space.

This tells me that it's not a DOS/DDOS attack. It's most likely what Caiyuo said as far as some sort of configuration gone screwy.

Like I said, I don't have a machine to personally troubleshoot at my location.
By Gilgamesh.Andras 2009-12-04 20:52:47  
Hades.Hiryo said:
And so it begins!


Hello Skynet!


Goodbye world!

better start preparing for the end of the world... too bad robots are hard to fight... fml...