Firewall Wizards mailing list archives

Re: a fun new tool from us...


From: Christoph Schneeberger <cschnee () telemedia ch>
Date: Thu, 15 Apr 1999 10:45:52 +0100

Hi,

Interesting tidbit: PCA uses an "IP discovery protocol" to find other PCA
hosts on a network if you don't give it a specific IP to connect to. The
"protocol" assumes you are on a /24 network and probes xxx.xxx.xxx.1
through xxx.xxx.xxx.254 for PCA service. I found this out when I got a
call from my ISP asking why one of my users on a /26 network was port
scanning another customer's /26 network that happened to be contiguous
with ours.

This seems to be kind of wanted behavior to look for hosts on your network.
It wasn't possible in early versions of pca if I remember that right, but it
was added on customer request.
If you actually specify the host to be called or disable the browsing, it
won't happen.

To disable browsing on the remote machine, add the following to the registry
(this works for 7.5 and 8.0):

Value:    TCPIPNetBroadcast
Key:      HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\pcANYWHERE\CurrentVersion\System
Type:     DWORD
Settings:
  0 = Do not browse for the host.
  1 = Browse for the host by sending 254 directed UDP packets per network [DEFAULT]
  2 = Browse for the host by sending one broadcast UDP packet per network. [8.0 only]

(quoted from Symantec Website)


Hope this helps,
Christoph Schneeberger
SCS Telemedia
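
Added example, not part of the original post: Python code that works out how many of the 254 directed probes described above leave a /26 allocation, and flags the same sweep in flow records. The /26 (documentation address space), the flow tuples, port 9999 (a placeholder, since the post does not name the port), the threshold and all function names are assumptions.

```python
import ipaddress
from collections import defaultdict

# Assumption: the site's real allocation is a /26 (documentation addresses).
LOCAL_NET = ipaddress.ip_network("192.0.2.64/26")

def sweep_targets(host):
    """Addresses probed by a /24-assuming discovery: x.x.x.1 .. x.x.x.254."""
    base = int(ipaddress.ip_network(f"{host}/24", strict=False).network_address)
    return [ipaddress.ip_address(base + i) for i in range(1, 255)]

def outside_allocation(host, local_net):
    """Probe targets that fall outside the subnet the host really lives on."""
    return [a for a in sweep_targets(host) if a not in local_net]

def find_sweeps(flows, local_net, min_hosts=200):
    """Flag local sources that sent UDP to >= min_hosts distinct addresses in
    their own /24 on one port; value = probes that left the local subnet."""
    seen = defaultdict(set)
    for src, dst, proto, dport in flows:
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        same_24 = d in ipaddress.ip_network(f"{src}/24", strict=False)
        if proto == "udp" and s in local_net and same_24:
            seen[(src, dport)].add(d)
    return {key: sum(1 for d in dsts if d not in local_net)
            for key, dsts in seen.items() if len(dsts) >= min_hosts}

def sample_flows():
    """Constructed flow records: (src, dst, proto, dport)."""
    flows = [("192.0.2.70", str(a), "udp", 9999)
             for a in sweep_targets("192.0.2.70")]      # default browse setting
    flows.append(("192.0.2.71", "192.0.2.65", "udp", 9999))  # host given explicitly
    flows.append(("192.0.2.70", "198.51.100.5", "tcp", 443)) # unrelated traffic
    return flows

if __name__ == "__main__":
    for (src, dport), n in find_sweeps(sample_flows(), LOCAL_NET).items():
        print(f"{src} swept UDP/{dport}: {n} of 254 probes left {LOCAL_NET}")
```

On a /26 only 64 of the 254 targets are local, so 190 probes land on neighbouring allocations, which is the traffic the ISP reported.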



