Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Suspicious network activity advice

from [Stephane Boulet] Network Security [Permanent Link]
Subject: RE: Suspicious network activity advice
Date: Mon, 25 Dec 2006 22:36:20 -0500 
Do you have Google desktop or MSN desktop.. anything like this?

-----Message d'origine-----
De : listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] De
la part de infinite_uk@hotmail.com
Envoyé : 22 décembre 2006 06:22
À : security-basics@securityfocus.com
Objet : Suspicious network activity advice

Could anyone offer me some advice or guidance with this please. 

I am developer and have been suspend from work because of ?suspicious
network activity?. It?s a corporate network (local government) predominantly
running a combination Microsoft OS?s across many sites. 

It seems that many computers on the corporate network have entries in their
event logs to say that my system logged onto these machines for any instant.
This happens three times of the course of a single day and but second time
my computer?s events log shows that each of these computers have logged back
into my system. 
The IT audit section sent the computer away and it came back clean e.g. no
viruses and their stance seems to be that they don?t know what has happened
but they believe that I have used some kind of scanning software. 

I?m trying desperately to find another explanation for this, can anyone
suggest what might have happened. Could using something like visio or a
simple file search across the network produce similar activity? 

They did seems to think that it was relevant that each computer was contact
in alphabetical order not IP order. 
Any help would be greatly appreciated.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Password Quality checker, Johnny Wong
Next by Date:  Re: Fwd: Print Server Log Analyzer, Ryan Buena
Previous by Thread:  RE: Suspicious network activity advice, Devin Rambo
Next by Thread:  RE: Suspicious network activity advice, tima soni
Indexes:  [Date] [Thread] [Top] [All Lists]