On Wed, 2004-06-30 at 19:15, Brad Klinghagen wrote:
> I took a further look at the Win2K workstation to see what was going on.
> There is no virus infecting the computer. I looked all over the
> computer, in the task manager, Services folder, event viewer, and no
> virus shows up. The virus softwar
Brad Klinghagen wrote:
Sounds like something on the Win2k box initiated communication at some
time in the past, and 66 still wants to communicate, and maybe it may be
a mystery why it is still going on(or maybe you have an answer).
The Win2k box was trying to connect to the 66 host yesterday aftern
I took a further look at the Win2K workstation to see what was going on.
There is no virus infecting the computer. I looked all over the
computer, in the task manager, Services folder, event viewer, and no
virus shows up. The virus software shows nothing for a long time. Web
server is turned off.
Comments at end.
At 07:09 AM 6/30/2004 -0400, Sean Covel wrote:
Norton is a great tool, but it doesn't pickup spyware. There has been a
LOT of spyware/virus mixing lately. Try Spybot Search and Destroy. We
once had a single machine with some spyware app running flooding the
firewall trying to
Brad Klinghagen wrote:
This isn't the full format of the log file. I sent the full file to Tom
Eastep to look at. As for virus, doubtful, since the computer is running
the latest version of Symantec Anti-Virus 2004 and get updates whenever
available (initiates the updates).
Nevertheless, it appears
Norton is a great tool, but it doesn't pickup spyware. There has been a
LOT of spyware/virus mixing lately. Try Spybot Search and Destroy. We
once had a single machine with some spyware app running flooding the
firewall trying to "call home." Killed the spyware, traffic stopped.
Brad Klingh
This isn't the full format of the log file. I sent the full file to Tom
Eastep to look at. As for virus, doubtful, since the computer is running
the latest version of Symantec Anti-Virus 2004 and get updates whenever
available (initiates the updates). I've set up the firewall rules so
that if a com
On Wed, 2004-06-30 at 01:16, Brad Klinghagen wrote:
> I just wanted to check to make sure I'm looking at the Shorewall logs
> correctly. Below, I've pasted a small sample of what I'm seeing in my
> log file. The particular IP address that begins with 66 is the source
> and 10.1.1.65 is the destinat
Brad Klinghagen wrote:
Is it right to assume that this traffic is a hacker using automated
software trying to probe for weaknesses in my firewall or computer
setup? Or is it something else completely, something much less sinister?
Could this be some ad software, or something like it? If this isn't
On Tuesday 29 June 2004 06:16 pm, Brad Klinghagen wrote:
[...]
> Is it right to assume that this traffic is a hacker using automated
> software trying to probe for weaknesses in my firewall or computer
> setup? Or is it something else completely, something much less sinister?
> Could this be some a
I just wanted to check to make sure I'm looking at the Shorewall logs
correctly. Below, I've pasted a small sample of what I'm seeing in my
log file. The particular IP address that begins with 66 is the source
and 10.1.1.65 is the destination. Obviously the 10 IP address is within
my LAN. The secon
I know this is probably a very elementary question, but I want to verify.
If I want to use the LEAF without any firewall properties all I have to do
is change the line IPFILTER_SWITCH=FIREWALL to IPFILTER_SWITCH=NONE in
network.conf ?
Correct?
Thanks,
David
__
12 matches
Mail list logo