Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

malware on network


  • Please log in to reply
1 reply to this topic

#1 psanto

psanto

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:02 PM

Posted 20 September 2016 - 07:31 PM

hi all. first post here. long time lurker. hoping someone can help. we have been infected with malware on our network. we wiped computers and installed new hard drives as well as recovered critical business processes from a non infected backup. everything is starting to get back to normal. or so i think. however, today we noticed that ports had been opened on our router for Teredo for each of our client pcs. we have ipv6 disabled on all computers. and just disabled upnp on router. we also noticed strange dns entries on the dns server using ipv6 host addresses and il address of 10.1.0.31 which is not within our ip range. i have since deleted them. ive been beating my head up against a wall trying to find where it is coming from as well as limit it. any help would be much appreciated.

BC AdBot (Login to Remove)

 


#2 psanto

psanto
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:02 PM

Posted 20 September 2016 - 07:42 PM

also to note we are running windows server 2012 and windows 10 clients




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users