I had
success on several computers catching IRC Bots with SwatIT, which is free.
Ron
-----Original
Message-----
From: owner-nanog@merit.edu
[mailto:owner-nanog@merit.edu]On Behalf Of Christopher
Bird
Sent: Tuesday, March 25, 2003 8:56
PM
To: nanog@merit.edu
Subject: Syn Flood
I have
a problem on a home PC of all things. Every once in a while it bursts into life
and syn floods an IP address on port 80. The IP addresses it chooses are random
and varied. The network counters ratchet up alarmingly (as viewed in the
connections window). I am running winXP Pro on this box.
I have
zone alarm, an SMC Barricade firewall, and Norton anti virus.
I don’t
seem to be able to catch the computer at it, I just have the evidence after the
event. I don’t like the anti social behavior that this is exhibiting and am
wondering if the collective wisdom of this group might have any ideas how to
track the issue down.
According
to virus checkers, I am clean.
Thanks
in advance
Chris
Bird