Track down the people that were doing this and you'll probably find people from a company that's using your address range on an internal network and using SOCKS. My guess is that it's coming from users that are taking their laptops home or on the road. Not that I've ever made that mistake myself... :) -Geoff At 09:24 AM 9/29/97 -0500, Phil Howard wrote:
Company X uses a proxy server for web access, which defaults to 1080. They configured all their Netscape browsers to use the proxy server. Apparently, one of the employees took home a copy of Netscape with the configuration intact. It continued to work because the proxy server also answered requests from outside the company X network.
This employee further duplicated that configured copy of Netscape and passed it around to other people. Eventually a copy made it to company Z where I once worked. Company Z did not use a proxy server, and did allow outbound access to any port on the Internet. So these copies of Netscape continued to work, using company X's proxy server.
Eventually company X discovered their proxy server was being "attacked" or otherwise heavy loaded from the Internet. They either shut it down or made it unreachable from the outside or it just plain crashed.
==================================================================== Geoff Lisk Senior Network Engineer Advanced Micro Devices 1 AMD Place, Sunnyvale CA 94088 Voice: (408)749-4597 Fax: (408)774-7358 ====================================================================