On Fri, 8 Jul 2005, Marty wrote: > This is for readers who are unfortunate enough to have > more Windows administration knowledge than I. The sole > Windoze XP box on my LAN is sending http requests to > a site named movies.go.com, although there is no web > client running on the XP box (at least none obvious). > I am analyzing the LAN traffic and appreciate any > ideas about where to go next.
If the traffic from the Winbox is passing through a Linux box then you can use transparent proxying to force all HTTP requests to the Linux box and run it through Squid. You can then monitor the traffic to see what is happen and even block it. > I've heard all the chilling spyware stories, but this is > an eye opener for the sheer volume of data being passed > 24/7 to or from this box. But what data and to whom? It is often a good idea to isolate any Winboxes in their own LAN and firewall them from the other boxes as much as possible (including the aforementioned transparent proxy and squid cache :). Then the users of the non-Win boxes can be less worried about network sniffing, attacks, etc. Rob -- Robert Brockway B.Sc. Phone: +1-416-669-3073 Senior Technical Consultant Email: [EMAIL PROTECTED] OpenTrend Solutions Ltd. Web: www.opentrend.net We are open 24x7x365 for technical support. Call us in a crisis. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]