Read This, may be related. http://www.phenoelit.org/arpoc/
Also I want to ear the experts opinion about this or similar soft. This work? this represent a risk? Thanks Pablo A. C. Gietz Jefe de Seguridad Inform�tica Nuevo Banco de Entre R�os S.A. Te.: 0343 - 4201351 ----- Original Message ----- From: "Ian Lyte" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, November 04, 2002 1:58 PM Subject: Network Configuration Question? > Hi All, > > On a corporate machine, I was having trouble removing the TinyBar > scrote-ware that had installed itself surreptitiously onto my machine. As > part of the process of tracking down how it was running, I downloaded a > small packet sniffer and ran it so I could attempt to trace the outgoing > target address of the pop-up window. > > We are on a 100mbs switched network (I believe switched but ..). > > Now imagine my surprise when I could pick up traffic from around 6 other > machines, including HTTP, POP, SMTP and all the associated passwords. > > Some of the machines were geographically close to me in the office but > not all. How could this happen on a switched network - has one of the > switches fallen over into broadcast mode or something? If so how do I go > about determining (remotely) why/how it has fallen over, who else is on the > segment, and what other avenues do I have to explore? > > Thanks in advance > > Ian > >
