hostname detective

[mark-easton]

Hi

I found the thread below on google when searching for the hostname detective 
issue.
I appreciate this was raised in June 2004, but there doesnt appear to be many 
more instances of this issue on the net.
Question is did you find out what caused it? I have it on my network and Id 
like to know how to prevent reoccurrence.


Thanks

Mark

Skimming through my leases file I noticed a bogus MAC address of
45:3b:13:0d:89:0a as well as two others which used the hostname
"detective" and leased all of the available IP addresses in my pool for
two minutes.  I googled for this situation and found a published log from
some college's dhcp.leases file with the same MAC address and hostname
being used.  Has anyone else seen this behavior before?  The only
interface serving DHCP is my internal one with only two machines on it. 
Almost sounds like one of them got hacked.  Does anyone know what
virus/spyware would've caused this?

Thanks

Tim


-----------------------------------------
Email sent from www.ntlworld.com
Virus-checked using McAfee(R) Software 
Visit www.ntlworld.com/security for more information