If the bad guys are sneaking in at unpredictable times and might be hard
to catch using netstat (or if you don't want them to see that you are
looking for their IP addresses) try installing snort on one of the PCs
(www.snort.org). You can log the intrusions and follow up at your
leasure. There is probably a simpler way to do this, but I have run
snort on a PC so it came to mind as a more stealthy solution.
Don Heffernan
- ----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, December 07, 2000 9:47 PM
Subject: Urgent help needed to solve security breech
> Someone has installed VNC on several, student owned,
> computers in our Residence Halls without the owner's
> permission or knowledge. These computers are being
> remotely controlled without the owner's permission.
>
> This is, clearly, something I need to stop. I need to find
> out how I can determine the ip address, or some other
> identifing attribute, of the system used to remote control
> these computers.
>
> Please help as soon as possible.
>
> Thank you in advance.
> --
> Robert W. Downard
> Technical Services Manager email: [EMAIL PROTECTED]
--
Don Heffernan
heffernan.cais.net
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
