On 8/23/06, Nick Guenther <[EMAIL PROTECTED]> wrote:
No it's not possible to bypass the handshake. These must be zombie hosts. Compromised Windows boxes go for 5cents, I hear. You should try to figure out who would want to do this to you.
Additionally I just ran nmap on the address listed in your log and although it didn't identify it positively it says it's a windows box. So there you go. It has an open port at 1026/tcp and I'll bet that's the control channel. -Nick
