Here you go: http://www.backtrack-linux.org/downloads/ they have a vmware image already set for you. I also just realized that I skipped an entire release of BackTrack. So many things to look at it, so little time....
-Jeff Steward On Thu, Sep 16, 2010 at 4:52 PM, Raper, Jonathan - Eagle < [email protected]> wrote: > Yeah, just haven’t had time to get Wireshark running (again). > > > > Thanks, > > > > Jonathan L. Raper, A+, MCSA, MCSE > Technology Coordinator > Eagle Physicians & Associates, PA* > *[email protected]* > *www.eaglemds.com > ------------------------------ > > *From:* Andrew S. Baker [mailto:[email protected]] > *Sent:* Thursday, September 16, 2010 12:43 PM > > *To:* NT System Admin Issues > *Subject:* Re: security concern - ESX host repeatedly hitting external > IP... > > > > Sniff the traffic... :) > > > *ASB *(My XeeSM Profile) <http://XeeSM.com/AndrewBaker> > *Exploiting Technology for Business Advantage...* > * * > > On Thu, Sep 16, 2010 at 11:22 AM, Raper, Jonathan - Eagle < > [email protected]> wrote: > > We’re getting ready to decommission an old router, and almost all of the > traffic to and through it (except broadcast) has stopped. I'm reviewing the > syslog, and keep seeing this: > > > > 9/16/2010 8:36:50 AM [*Internal Router Private IP Address*] Informational > SEC-6-IPACCESSLOGP 651364: 44w0d: %SEC-6-IPACCESSLOGP: list permit_any > permitted udp [*ESX Private IP Address*](0) -> 72.18.205.156(0), 1 packet > > > > I've asked our VMware admin to look over his host configuration to make > sure he isn’t pointing to the old router, but he says everything is "fine." > > > > Anyone else seen this or have any ideas as to why I'm seeing this traffic? > > > > Upon Googling said IP Address, it appears that it may be part of > pool.ntp.org, but I cannot confirm this. This host is located in > Warminster, PA, according to some sites. > > > > Jonathan L. Raper, A+, MCSA, MCSE > > Technology Coordinator > > Eagle Physicians & Associates, PA > > [email protected] > > www.eaglemds.com > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > > ------------------------------ > Any medical information contained in this electronic message is > CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to > view, copy, disclose, or disseminate CONFIDENTIAL information. This > electronic message may contain information that is confidential and/or > legally privileged. It is intended only for the use of the individual(s) > and/or entity named as recipients in the message. If you are not an intended > recipient of this message, please notify the sender immediately and delete > this material from your computer. Do not deliver, distribute or copy this > message, and do not disclose its contents or take any action in reliance on > the information that it contains. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
