I think hosting a DDoS tool or disruptive trojan is a violation of my AUP. I've only found one copy on a customer network, but they seem to respond well to the "run this .reg file and remove this file to clean your box or we'll pull the plug" email ... it really doesn't seem to be the ISPs job to clean our customer's machines, but it is our job to enforce acceptable use policies. Why not use that, and leave it up to the customer to comply or not (with the documented penalties for noncompliance). -travis On Sat, 30 Sep 2000, Jason Slagle wrote:
What about saying that the port 7759 connection is an attempt to authorize a user connecting to your port 139?
Jason
--- Jason Slagle - CCNA - CCDA Network Administrator - Toledo Internet Access - Toledo Ohio - raistlin@tacorp.net - jslagle@toledolink.com - WHOIS JS10172 -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GE d-- s:+ a-- C++ UL+++ P--- L+++ E- W- N+ o-- K- w--- O M- V PS+ PE+++ Y+ PGP t+ 5 X+ R tv+ b+ DI+ D G e+ h! r++ y+ ------END GEEK CODE BLOCK------