spyware/virus or other
- From: "tomhelmet" <tomhelmet@xxxxxxxxxxxx>
- Date: 31 May 2006 09:49:49 -0700
Our firewall periodically reports the following event. There is no
pattern the date or times that it occurs but it has been occuring for
months. The internal information appears to be randomly generated from
possibly AD. The computer referenced is not even on the network and
the IP address was random as well however it was in the range used by
our VPN.
I have perfromed WHOIS on the IP and domain and ikatel.net is
registered to a company in Mali.
I have not found anything on local workstations.
Deny tcp src inside:XXX.XXX.X.XXX (systemax)/3888 dst
outside:196.200.80.222 (dial222.ikatelnet.net)/25 by access-group
"inside_access_in"
Has anyone seen this or something similar that just drives them crazy?
.
- Prev by Date: Re: The Coalition against Personal Firewalls
- Next by Date: Re: The importance of Securing Your Home Computer
- Previous by thread: The importance of Securing Your Home Computer
- Index(es):
