[prev in list] [next in list] [prev in thread] [next in thread]
List: security-basics
Subject: Re: pc generating unauthorized http scans
From: krymson () gmail ! com
Date: 2008-11-25 14:30:16
Message-ID: 200811251430.mAPEUGeK006162 () www3 ! securityfocus ! com
[Download RAW message or body]
Isn't that a question for the security team that identified your computer? I find it \
irresponsible to point out a security threat and then leave the user to figure out \
what is going on, especially if this is a system they own and even more especially if \
you're not an admin on it.
You should ask that security team what they detected and how they detected it. Is it \
bursting at certain times of day, or is it very regular? Where is it going? What is \
that traffic trying to do, just find open port 80 connections?
I would otherwise look at the other suggestions. Check output from Wireshark and \
TCPView and see what you can find out. But I'm ultimately disappointed in that \
security team...
<- snip ->
Hello,
Recently, our corporate security team identified that my windows xp pc was performing \
a number of http scans of other systems within our network.
I am not running any kind of scans, nor have I authorized anything to run such scans.
How can I determine what is performing these scans?
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic