Who's calling home?

Discussion in 'LnS English Forum' started by Kansai, Nov 13, 2005.

Thread Status:
Not open for further replies.
  1. Kansai

    Kansai Registered Member

    Joined:
    Nov 13, 2005
    Posts:
    4
    My logs are full of this dude trying to get out. Anyone know what or who it is? Should I be concerned?

    Any help appreciated. :)

    Kansai
     

    Attached Files:

    • Logs.jpg
      Logs.jpg
      File size:
      146.1 KB
      Views:
      60
  2. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    ff ff ff ff ff ff is a broadcast address in Ethernet (i.e. it reaches every other node in your local network). This is most likely to be DHCP (Dynamic Host Configuration Protocol - used to acquire an IP address and therefore both legitimate and necessary) but you would need to check the packet contents to be certain.
     
  3. Kansai

    Kansai Registered Member

    Joined:
    Nov 13, 2005
    Posts:
    4
    Thanks for the reply.
    How do I check the packet content?

    Kansai
     
  4. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Use a packet sniffer like Ethereal or the Socket Spy function of Port Explorer.

    Edit: Socket Spy will only work with IP packets - you will probably need Ethereal. That broadcast packet could also have been an ARP request (see Address Resolution Protocol (arp) for more details).
     
  5. Kansai

    Kansai Registered Member

    Joined:
    Nov 13, 2005
    Posts:
    4
    MSSQL server.exe

    Must have been a leftover when I was using TrackIT (help desk software) in my diploma course at tech.
    Port explorer highlighted all the connections, I deleted the software and all is quiet in the logs again.

    Thanx for your time. Cheers.

    Kansai
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.