mailing list archives
Re: pc generating unauthorized http scans
From: krymson () gmail com
Date: Tue, 25 Nov 2008 07:30:16 -0700
Isn't that a question for the security team that identified your computer? I find it irresponsible to point out a
security threat and then leave the user to figure out what is going on, especially if this is a system they own and
even more especially if you're not an admin on it.
You should ask that security team what they detected and how they detected it. Is it bursting at certain times of day,
or is it very regular? Where is it going? What is that traffic trying to do, just find open port 80 connections?
I would otherwise look at the other suggestions. Check output from Wireshark and TCPView and see what you can find out.
But I'm ultimately disappointed in that security team...
<- snip ->
Recently, our corporate security team identified that my windows xp pc was performing a number of http scans of other
systems within our network.
I am not running any kind of scans, nor have I authorized anything to run such scans.
How can I determine what is performing these scans?