I have an XP home edition on my home network behind my firewall. I know nothing about XP. This morning at localtime 5:45 am I noticed a connection with a lot of data being send to this address from my XP machine: 217.84.15.157.1214 > 192.168.1.9.1632 The XP machine of course is the 192 address. nslookup gave some typical appearing DHCP type name, which I didn't write down! I looked at the XP box. It had been left on, with a user logged in. IE was running but I couldn't enlarge the icon at the bottom of the screen. I shut down the XP box, the connection stopped, and nslookup no longer resolved the ip address above. I know that XP has vulnerabilities, but I thought the firewall would protect it (foolish dreamer). SO, the question is, is this a hack? Is there some port I need to block on my firewall to prevent this sort of access? Joel
_______________________________________________ Linux-users mailing list - http://linux-sxs.org/mailman/listinfo/linux-users Subscribe/Unsubscribe info, Archives,and Digests are located at the above URL.
