Re: pc generating unauthorized http scans



Hi,

You can use Wireshark to see whats going on actually. You can find
some clues like source port of your machine from it then give command
in CMD "netstat -ano" This would list all the TCP connections with PID
of the process. Then go to Task Manager and find process EXE with the
same PID (you may have to add the PID column in there). You can even
use system information to find the path from where the EXE is running
(in software environment > running tasks). Then end task it and delete
the EXE. This would mostly solve the problem.

Regards,

On Thu, Nov 20, 2008 at 5:24 AM, Donald Raikes <DON.RAIKES@xxxxxxxxxx> wrote:

Hello,
Recently, our corporate security team identified that my windows xp pc was performing a number of http scans of other systems within our network.

I am not running any kind of scans, nor have I authorized anything to run such scans.

How can I determine what is performing these scans?



--
("Relax, its only ONES and ZEROS !")

Shreyas Zare
Co-Founder, Technitium
eMail: shreyas@xxxxxxxxxxxxxx

..::< The Technitium Team >::..
Visit us at www.technitium.com
Contact us at theteam@xxxxxxxxxxxxxx

Join Sci-Tech News group and get the latest science & technology news
in your inbox. Visit http://tech.groups.yahoo.com/group/sci-tech-news
to join.