Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 36

Thread: router udp logs

  1. #21
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Yes we have a Unix product....I have never stated windows is better the unix ever...and I would like you to find any thread where I have!

    I have always maintained...................... depending on the environment and functionality required will best determine the OS used.

    We need a read only device...and we decided unix based is best for the functionality....and we hired an contractor to develop it seeing it is beyond my skill set....always hire people that know more then you.

    He is not on our internal network but shares our internet and every so often he fires up some program that creates the log entries.......as stated he claims its his IMAP client and I call bulsh1t.

    Thats the gist of the thread.

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  2. #22
    HYBR|D
    Guest
    Quote Originally Posted by morganlefay View Post
    He is not on our internal network but shares our internet and every so often he fires up some program that creates the log entries.......as stated he claims its his IMAP client and I call bulsh1t.

    Thats the gist of the thread.

    MLF
    Haven't kept myself up2date with the entire thread, so if something below is already mentioned then please don't hate on me.

    Is it possible that next time he comes in, that he's laptop/device get's checked out?

    ie set up a "Closed environment" and have a scan of the "Network" activity that tries to establish a connection, have process explorer up and running and keep an eye on processes that launch etc etc.

    in the current logs you have how big are the intervals? are they every 5mins or shorter?

  3. #23
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Wed, 2010-09-01 14:13:41 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4488 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:41 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4489 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:41 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4490 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:41 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4491 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:41 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4492 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4493 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4494 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4495 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4496 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4497 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4498 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4499 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4500 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4501 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4502 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4503 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4504 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4505 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4506 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4507 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4508 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:42 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4509 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:43 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4510 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:43 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4511 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:43 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4512 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:43 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4513 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:43 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4514 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:43 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4515 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:43 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4516 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:43 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4517 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:53 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4589 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:53 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4590 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:54 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4591 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:54 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4592 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:54 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4593 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:54 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4594 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:54 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4595 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:54 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4596 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:57 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4597 Dst 53 from SELF]

    Wed, 2010-09-01 14:13:57 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4598 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:02 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4631 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:02 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4632 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:02 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4633 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:02 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4634 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:02 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4635 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:03 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4636 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:03 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4637 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:03 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4638 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:03 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4639 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:03 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4640 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:04 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4641 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:04 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4642 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:04 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4643 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:04 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4644 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:04 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4645 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:05 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4646 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:05 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4647 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:06 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4648 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:06 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4649 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:06 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4650 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:06 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4651 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:06 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4652 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:06 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4653 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:06 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4654 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:07 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4655 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:07 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4656 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:07 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4657 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:09 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4658 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:09 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4659 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:09 - UDP packet - Source:xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4660 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:09 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4661 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:09 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4662 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:09 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4663 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:10 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4664 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:10 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4665 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:10 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4666 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:10 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4667 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:11 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4668 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:11 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4669 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:11 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4670 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:11 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4671 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:12 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4672 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:12 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4673 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:12 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4674 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:12 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4675 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:13 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4676 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:13 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4677 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:13 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4678 Dst 53 from SELF]

    Wed, 2010-09-01 14:14:13 - UDP packet - Source: xxx.xxx.xxx.xxx - Destination: xxx.xxx.xxx.xxx - [Ceiling for number of connections reached, dropping packet Src 4679 Dst 53 from SELF]
    source is our IP Destination is our ISPs DNS
    Runs for about 15 min at a time

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  4. #24
    HYBR|D
    Guest
    Appear to be e-mail client related, has there e-mail client to check for new mail every 1 -> 2 minutes

    i imagine being a mac he has that push to device enabled.

    personally i would "Sandbox" the machine into a controlled environment, if it has wireless device, then let it connect to a fake hotspot and run a air-scanner to monitor the in-bound outbound traffic.

    are you able to have some physical access to the mac next time he comes by?

    If it was p2p there would be more "Data" logged especially if you have ports blocked, no port forwarding etc.

  5. #25
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    HYBRID are you suggesting that is IMAP Polling?
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  6. #26
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    So it IS his mail client...pushing it to his phone.....why all the DNS stuff??

    I have no physical access to his machine...

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  7. #27
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    The app he is using is morpheus P2P

    Now what to do about it

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  8. #28
    HYBR|D
    Guest
    Quote Originally Posted by morganlefay View Post
    The app he is using is morpheus P2P

    Now what to do about it

    MLF
    You can use any packet-filtering firewall, like ipchains or iptables in Linux or ISA Server in Win 2000 Server, to block out any network activity from taking place.

    6346-6347 for the Service ports, and TCP for Protocol.

    didn't they shut off that morpheus p2p awhile back? it's been a long long time since i last used a torrent to grab *nix distro's so kind of out of the loop.

  9. #29
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    Morpheus went off line in 2008 according to Wikii.

    MLF not knowing your set up but...

    Can your switched filter by mac address? Is it easy to set up a vLan?
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  10. #30
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    His laptop has a virtual machine on it...it was also using multiple ports on the wireless connection...multiple MAC addresses.

    We spoke to him and asked that he only run applications required for the project and to ensure all P2P apps were not running while on site as it is against out AUP....and the traffic mysteriously stopped ....and I am sure he is still getting his email.

    He has that typical arrogance ...firstly because we are a MS shop we wouldnt know...and secondly some female running a network must be an idiot and wouldnt know.

    Yeap it took me some time to figure out what it was.....but I am no fookin id10t...and I dislike when people undermine me.....


    MLF

    EDIT>FYI the software can use other P2P networks such as the Neo Network, Gnutella, Limewire etc and is still available for download
    Last edited by morganlefay; September 3rd, 2010 at 02:52 PM.
    How people treat you is their karma- how you react is yours-Wayne Dyer

Similar Threads

  1. Auditing Routers: The Checklist - Looking for Feeback
    By KuiXing-2005 in forum Network Security Discussions
    Replies: 2
    Last Post: April 4th, 2005, 04:44 PM
  2. Linksys Router Owners - HEADS UP!
    By thehorse13 in forum Network Security Discussions
    Replies: 31
    Last Post: June 8th, 2004, 08:19 AM
  3. Central Secure Logging in a Win2k Environment
    By Tiger Shark in forum The Security Tutorials Forum
    Replies: 5
    Last Post: March 4th, 2004, 05:00 PM
  4. anyone want to help me with some cisco hw?
    By Simo in forum Miscellaneous Security Discussions
    Replies: 7
    Last Post: October 28th, 2003, 03:47 PM
  5. how to hack cisco a router... wow
    By NUKEM6 in forum Non-Security Archives
    Replies: 1
    Last Post: February 3rd, 2002, 11:28 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •