PDA

View Full Version : Buffer Overflow Attack?



Miaow
12-10-2009, 3:51pm
Ok sorta confused here - the last 2 times have booted up and I tried to shut down my isp software - pretty sure this is it: iconnectbroswer? Im getting Comodo firewall come up with a buffer overflow attack?

I'm really confused on what this is - its only been the last day its happened - will scan comp also in case something there....

Edited to add: is isp software

Kym
12-10-2009, 5:31pm
My guess is that Comodo (which I don't use) is getting an IO error when you drop your internet connection and thinks a malformed TCP/IP packet (buffer overflow) is occurring.

I'm also guessing you have a USB ADSL modem that requires a connection to your ISP, rather than a separate Router/firewall. Can you confirm this?

Miaow
12-10-2009, 5:54pm
ethernet modem but it could be usb if needed? Its only done this the last day which is weird..... I dont need this software to make adsl work its just a little accounts/broeswer thing i think that comes with it

Kym
12-10-2009, 6:08pm
ethernet modem but it could be usb if needed? Its only done this the last day which is weird..... I dont need this software to make adsl work its just a little accounts/broeswer thing i think that comes with it

Ok, yeah most Ethernet modems should be ok if they are programmed with your account and password.

Miaow
12-10-2009, 6:27pm
it did in the past use to crash occasionally - hmm maybe comodos catching it first now??

Kym
12-10-2009, 6:29pm
it did in the past use to crash occasionally - hmm maybe comodos catching it first now??

Most likely

Miaow
12-10-2009, 6:40pm
Yeah... Forgot to add all AVG and spybot ok

phild
12-10-2009, 9:58pm
I had a similar problem when I started using a wireless broadband dongle (the modem donglem works in bridging mode). I can't remember exactly the form of the attack but it was web based, i.e. coming from the outside world.

After a couple of frustrating hours searching the web and finding nothing but suggestions that I should update to the latest Microsoft patches, I decided to try the standard XP firewall. (I don't normally bother at home my DSL router is firewalled).

Running the XP firewall fixed the crashing problem immediately. Could be worth a try in your case.

Miaow
13-10-2009, 7:07am
Thanks Phil but I'll stick to Comodo at pres - trust it more than MS software lol

Its not crashing the comp just the isp program would sometimes crash - then as I mentioned was only yesterday where it came up on that attack thing - Its working ok though - I dont usually leave that running anyway (the isp thing)

nexus
18-10-2009, 11:47am
Thanks Phil but I'll stick to Comodo at pres - trust it more than MS software lol

Its not crashing the comp just the isp program would sometimes crash - then as I mentioned was only yesterday where it came up on that attack thing - Its working ok though - I dont usually leave that running anyway (the isp thing)

If you are sure that the software mentioned is safe (e.g. your ISP software or whatever) then a buffer overflow just means dodgy coding ;)

Miaow
18-10-2009, 1:31pm
I think I found the cause actually for this...

The day this happened was a couple of days before i found a sus file (ended up being a trojan according to AVG when i sent it off for analysis) on my system (which luckily i caught when it was trying to change some registry thing). The date though on the system the trojan file was created was that morning when that buffer overflow attack thing started.

I thought at the time cause i did an adobe update that morning that maybe it had come down with that but I noticed yesterday that there was a block by comodo on the 15th (even though the trojan file was deleted at that time) from iconnectbrowser trying to access that file, so am wondering now if it may have been the cause of this problem also