At 11:38 AM 5/2/00 -0500, Brent Sweeny wrote:
we're seeing what appears to be a new large stream of data going outbound on tcp port 8311 and we can't identify a corresponding new application-- destinations are varied, with streams in the range of 50-100MBs each. Do any of you have any ideas what this is, and where to find out more about it? is this a new Napster? thanks,
I've run into a couple of Visual Basic trojans in the last few weeks that are sending a list of the client's drives' files to the hacker's machines. They've both connected at times the machines were untended and transmitted over 10Megs of data. Unable to trace the virus (neither machine was protected) but in both cases a logfile was left behind by the trojan showing the connection, timestamps and amount of data transmitted. Unfortunately, the recieving number/IP wasn't listed. Mayhap this is a possibility? "Microsoft is not a monopoly!" - Bill Gates "HA!" - Judge Jackson Dean Robb Owner, PC-EASY (757) 495-EASY [3279] On-site computer services Member, ICANN @Large