RE: Windows XP computer spewing packets

["Mark McConnell" <mmcconnell () ctiusa com>]

That is an incredible amount of packets.  Use a sniffer program and capture some of the packets. If you are not able to 
identify the packets in the capture then machine probably has a bot installed; which is probably the case and it is 
launching a DoS.  The scan results just add to the fishyness of the whole thing.
 
If you do not have a capture program like Sniffer or Etherpeek you can get Ethereal for free from www.ethereal.org.
 
Mark McConnell
CCIE #6995
 

        -----Original Message----- 
        From: robe0341 () qwest net [mailto:robe0341 () qwest net] 
        Sent: Fri 8/1/2003 12:06 PM 
        To: security-basics () securityfocus com 
        Cc: 
        Subject: Windows XP computer spewing packets
        
        

        One of the employees here has a Windows laptop, and in the last day, it has
        sent out over 1,000,000,000,000 packets, and received around 30,000. The
        30,000 is a standard load, but the trillion packets seem to be a bit high.
        I've scanned for spyware and viruses and found nothing.  I tried to nMapWin
        from the network, and the computer didn't respond, and when he tried to
        nMapWin his ports, he couldn't find himself, from his own computer.  Do you
        have any idea what could be causing this?  I'm not to keen on these packets
        flying around my network, and if there are security issues, I'm even less
        keen.
        
        
        
        John roberts
        
        
        --------------------------------------------------------------------
        mail2web - Check your email from the web at
        http://mail2web.com/ .
        
        
        
        ---------------------------------------------------------------------------
        ----------------------------------------------------------------------------