TCP/IP damage from Nimda attack that manifests as inability to ping out or in
Having weathered a Nimda attack on my 2000 Server and thoroughly cleaned it off over a period, using NetShield, it left a legacy of TCP/IP damage that manifests as inability to ping out or ping in, despite the local adapter and loopback responding OK to being 'pinged.' Uninstalling and reinstalling TCP/IP protocol fixes this...UNTIL a reboot, when during the (prolonged) 'configuuring Network connections,' the protocol is destroyed again, being pingable right up to this point in the boot sequence. What is really happening here and could it be fixed without a reformat and clean install?
Perhaps TCP/IP security is enabled. If enabled, this would filter out packets such as PING. To check this:
- Open your network adapters properties, and view the TCP/IP Properties.
- Click the Advanced button, and on the Advanced TCP/IP Settings dialog, select the Options tab.
- Then, select TCP/IP Filtering, and click the Properties button.
If the Enable TCP/IP Filtering checkbox is selected, that's your problem. It's a good thing to have turned on, so be sure you understand the implications if you disable filtering.
This was first published in March 2002