"Martin G. Diehl" <mdiehl@nac.net> wrote in message
news:3F5244DD.2BAE695E@nac.net...

OldBoy wrote:

"Dom " <dompqy@blueyonder.co.uk> wrote in message
news:p9g4b.718$Ok2.6940742@news-text.cableinet.net...

Gary Heston wrote:

In article <birofc$nak$2@hercules.btinternet.com>,
Nick M V Salmon <spam_dump@btinternet.com> wrote:

"BW" <noone@nowhere.com> wrote

Don't know if this is it, but I have seen "Pings" at
about a 2 / min rate hitting my firewall in the same
time frame.    [ ... ]

Blaster worm, it figures, I'd thought it might be that
because the problem started at roughly the same time
that was set lose 'into the wild'. :-/

It's not MS Blaster, it's the SOBIG.F email worm. MS
Blaster and Wachia (the anti-blaster disaster) target
the RPC port instead of doing a ping.

The Welchia worm tries to use pings to locate other
machines that may be infected:

<http://securityresponse.symantec.com/avcenter/venc/data/w32.welchia.worm.ht
ml>

I have seen two cases of corporate networks infected with
this one and in both cases the networks were virtually
unusable due to the number of ICMP packets being sent.

I was lucky - I run W98 and Linux - neither of which can
get infected with these viruses.

That goes for the other Window variants when properly
maintained.  MS published patches in mid-July!

Thanks ... that's good to know.

BTW, when did MS publish the bugs that allow those
vulnerabilities?  <G>

Must be ages ago :-))
My guess: around 1996

Gr. Jan