('binary' encoding is not supported, stored as-is)
In-Reply-To: <184670-2200385116625244_at_M2W075.mail2web.com>
Back when I was in school few months ago the SAME exact thing happened.
First make sure it says packets and not bytes (different versions of
windows read differently). Did you use Ethereal packet sniffer to detect
what packets were being sent? Could be some sort of broadcast storm due to
misconfigured settings etc.. Try the packet sniffer first before you do
anything else, its important to know what kind of traffic is leaving the
box before you try and fix the problem.
Chris
http://elusive.filetap.com
>Received: (qmail 12376 invoked from network); 1 Aug 2003 16:28:28 -0000
>Received: from outgoing2.securityfocus.com (205.206.231.26)
> by mail.securityfocus.com with SMTP; 1 Aug 2003 16:28:28 -0000
>Received: from lists.securityfocus.com (lists.securityfocus.com
[205.206.231.19])
> by outgoing2.securityfocus.com (Postfix) with QMQP
> id 424C48F515; Fri, 1 Aug 2003 10:16:36 -0600 (MDT)
>Mailing-List: contact security-basics-help_at_securityfocus.com; run by ezmlm
>Precedence: bulk
>List-Id: <security-basics.list-id.securityfocus.com>
>List-Post: <mailto:security-basics_at_securityfocus.com>
>List-Help: <mailto:security-basics-help_at_securityfocus.com>
>List-Unsubscribe: <mailto:security-basics-unsubscribe_at_securityfocus.com>
>List-Subscribe: <mailto:security-basics-subscribe_at_securityfocus.com>
>Delivered-To: mailing list security-basics_at_securityfocus.com
>Delivered-To: moderator for security-basics_at_securityfocus.com
>Received: (qmail 22905 invoked from network); 1 Aug 2003 16:10:10 -0000
>Message-ID: <184670-2200385116625244_at_M2W075.mail2web.com>
>X-Priority: 3
>Reply-To: robe0341_at_qwest.net
>X-Originating-IP: 12.205.153.15
>X-URL: http://mail2web.com/
>From: "robe0341_at_qwest.net" <robe0341_at_qwest.net>
>To: security-basics_at_securityfocus.com
>Subject: Windows XP computer spewing packets
>Date: Fri, 1 Aug 2003 12:06:25 -0400
>MIME-Version: 1.0
>Content-type: text/plain; charset=iso-8859-1
>Content-Transfer-Encoding: quoted-printable
>X-OriginalArrivalTime: 01 Aug 2003 16:06:25.0460 (UTC) FILETIME=
[DBC54740:01C35846]
>
>One of the employees here has a Windows laptop, and in the last day, it
ha=
>s
>sent out over 1,000,000,000,000 packets, and received around 30,000=2E
The=
>
>30,000 is a standard load, but the trillion packets seem to be a bit
high=2E=
>=20
>I've scanned for spyware and viruses and found nothing=2E I tried to
nMap=
>Win
>from the network, and the computer didn't respond, and when he tried to
>nMapWin his ports, he couldn't find himself, from his own computer=2E Do
=
>you
>have any idea what could be causing this? I'm not to keen on these
packet=
>s
>flying around my network, and if there are security issues, I'm even less
>keen=2E
>
>=20
>
>John roberts
>
>
>--------------------------------------------------------------------
>mail2web - Check your email from the web at
>http://mail2web=2Ecom/ =2E
>
>
>
>--------------------------------------------------------------------------
-
>--------------------------------------------------------------------------
--
>
>
---------------------------------------------------------------------------
----------------------------------------------------------------------------
Received on Aug 01 2003
Intro
