Re: multicast connection trials from a home machine - is it regular?

["ruben" <rubenb () arnet com ar>]

> > "1.  Do you have a default gateway specified?"

Not specified by me. This machine is at home, dialups to an ISP, then it's
their way to the Net.

> > "2.  Have you installed any of the "routing"* protocols?(OSPF, RIP, etc)
[If so, WHY???]

I've not installed anything ----knowningly... If they *are* in this machine,
where can I find them? Under which names?

> > "You do not need them unless your box is acting as a router for a
complex/dynamic network."

Well, that is what I suspect. That this box was used as a router somehow...
by means of an intrusion.
I'm ready to do a good old Format C:, but I was trying to learn something
about what was done, prior to erase the clues. I think that this "calling
multicast" is an abnormal behavior for a *home* Win98 machine. The line
"Owner: Tcpip Kernel Driver" in the firewall log maybe means "something" is
trying to go out.

> > David Gillett
Thanks for your time, David. I *do* appreciate the effort to enlighten me in
this issue. Anybody out there will maybe tell something before I format the
disk? Anti-Backdoor scanners for Win98? (Freeware-trialware preferred.
Former teachers as I am are not big spenders...)
Ruben.-



---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today to 
ensure your place.  http://www.securityfocus.com/BlackHat-security-basics 
----------------------------------------------------------------------------