Use "netstat" in a command window - look for the connection on port 5900.
The "foreign address" is who made the connection. keep in mind that if
someone is watching, they will see this...
C:\>netstat
Active Connections
Proto Local Address Foreign Address State
TCP oz1:5900 CNT496:2152 ESTABLISHED
Carl Karsten
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, December 07, 2000 9:47 PM
Subject: Urgent help needed to solve security breech
> Someone has installed VNC on several, student owned,
> computers in our Residence Halls without the owner's
> permission or knowledge. These computers are being
> remotely controlled without the owner's permission.
>
> This is, clearly, something I need to stop. I need to find
> out how I can determine the ip address, or some other
> identifing attribute, of the system used to remote control
> these computers.
>
> Please help as soon as possible.
>
> Thank you in advance.
> --
> Robert W. Downard
> Technical Services Manager email: [EMAIL PROTECTED]
> St. Norbert College Phone: (920) 403-3971
> 100 Grant Street Fax: (920) 403-4084
> De Pere, WI 54115-2099
> ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> ---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
