
Thread: Buffer Overflow Attack?

  1. #1
    Member
    Join Date
    22 Jul 2008
    Location
    Rosebud, Mornington Peninsula
    Posts
    2,838
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Buffer Overflow Attack?

    Ok sorta confused here - the last 2 times I have booted up and tried to shut down my ISP software - pretty sure this is it: iconnectbrowser? I'm getting Comodo firewall come up with a buffer overflow attack?

    I'm really confused on what this is - it's only been the last day it's happened - will scan comp also in case something there....

    Edited to add: is isp software
    Last edited by Miaow; 12-10-2009 at 4:55pm.
    Cat (aka Cathy) - Another Canon user - 400D, 18-55,75-300mm Kit Lens,50mm f1.8, Tamron 90mm f2.8 Macro, Sigma 28-70 f2.8-4 DG, Tripod and a willingness to learn
    Software used: PhotoImpact, Irfanview and a lot of plugins
    We don't make a photograph just with a camera, we bring to the act of photography all the books we have read, the movies we have seen, the music we have heard, the people we have loved. - Ansel Adams


  2. #2
    It's all about the Light!
    Tech Admin
    Kym's Avatar
    Join Date
    15 Jun 2008
    Location
    Modbury, Adelaide
    Posts
    9,641
    Mentioned
    18 Post(s)
    Tagged
    0 Thread(s)
    My guess is that Comodo (which I don't use) is getting an IO error when you drop your internet connection and thinks a malformed TCP/IP packet (buffer overflow) is occurring.

    I'm also guessing you have a USB ADSL modem that requires a connection to your ISP, rather than a separate Router/firewall. Can you confirm this?
    regards, Kym Gallery Honest & Direct Constructive Critique Appreciated! ©
    Digital & film, Bits of glass covering 10mm to 500mm, and other stuff



  3. #3
    Member
    Threadstarter

    Ethernet modem but it could be USB if needed? It's only done this the last day which is weird..... I don't need this software to make ADSL work, it's just a little accounts/browser thing I think that comes with it
    Last edited by Miaow; 12-10-2009 at 6:56pm.

  4. #4
    It's all about the Light!
    Tech Admin
    Kym's Avatar
    Quote Originally Posted by Miaow
    Ethernet modem but it could be USB if needed? It's only done this the last day which is weird..... I don't need this software to make ADSL work, it's just a little accounts/browser thing I think that comes with it
    Ok, yeah most Ethernet modems should be ok if they are programmed with your account and password.

  5. #5
    Member
    Threadstarter

    It did in the past use to crash occasionally - hmm, maybe Comodo's catching it first now??

  6. #6
    It's all about the Light!
    Tech Admin
    Kym's Avatar
    Quote Originally Posted by Miaow
    It did in the past use to crash occasionally - hmm, maybe Comodo's catching it first now??
    Most likely

  7. #7
    Member
    Threadstarter

    Yeah... Forgot to add all AVG and spybot ok

  8. #8
    Serial Truant.... phild's Avatar
    Join Date
    01 Jun 2008
    Location
    Launceston
    Posts
    528
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I had a similar problem when I started using a wireless broadband dongle (the modem dongle works in bridging mode). I can't remember exactly the form of the attack but it was web based, i.e. coming from the outside world.

    After a couple of frustrating hours searching the web and finding nothing but suggestions that I should update to the latest Microsoft patches, I decided to try the standard XP firewall. (I don't normally bother at home; my DSL router is firewalled.)

    Running the XP firewall fixed the crashing problem immediately. Could be worth a try in your case.
    Phil

  9. #9
    Member
    Threadstarter

    Thanks Phil but I'll stick to Comodo at pres - trust it more than MS software lol

    It's not crashing the comp, just the ISP program would sometimes crash - then as I mentioned it was only yesterday where it came up on that attack thing - It's working ok though - I don't usually leave that running anyway (the ISP thing)

  10. #10
    Member nexus's Avatar
    Join Date
    31 Aug 2009
    Location
    Sydney
    Posts
    59
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Miaow
    Thanks Phil but I'll stick to Comodo at pres - trust it more than MS software lol

    It's not crashing the comp, just the ISP program would sometimes crash - then as I mentioned it was only yesterday where it came up on that attack thing - It's working ok though - I don't usually leave that running anyway (the ISP thing)
    If you are sure that the software mentioned is safe (e.g. your ISP software or whatever) then a buffer overflow just means dodgy coding
    Canon EOS 50D w/ Phottix BP-40 Grip | 17-40 f/4L | 24-70 f/2.8L | 70-200mm f/2.8L IS | 430EX II | YN560 | Cactus V5 | Benro C-257EX + B2 Ballhead
    http://picasaweb.google.com/derfel/

  11. #11
    Member
    Threadstarter

    I think I found the cause actually for this...

    The day this happened was a couple of days before I found a sus file (ended up being a trojan according to AVG when I sent it off for analysis) on my system (which luckily I caught when it was trying to change some registry thing). The date though on the system the trojan file was created was that morning when that buffer overflow attack thing started.

    I thought at the time, 'cause I did an Adobe update that morning, that maybe it had come down with that, but I noticed yesterday that there was a block by Comodo on the 15th (even though the trojan file was deleted at that time) from iconnectbrowser trying to access that file, so am wondering now if it may have been the cause of this problem also
