Ive been keeping a close eye on the webserver and I just noticed that the processor usage is really high. Since Ive been aware of it (about 2 hours) the following process has been at or around 99% utilization: PID 920 --- wlogin.exe I checked for connections, but there were no ftp sessions and minimal web traffic. No attacks flagged by blackice server, and no more than 9 connections on average. Every now and then, a visitor will suddenly have 5-9 simultaneous connections upen on high level ports. I scanned the system for viruses and didn't detect any. If you have any ideas, I would appreciate them! John ------------------------------------ John Thompson Network Administrator Dept. of Biochemistry University of Iowa ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Jul 31 2001 - 15:12:10 PDT