Does not mean anything, Bob. Some adwerts/spywares and other malwares injects its code into other processes (wellcome in the Windows' world), so you will see that your well known app trying to do something nasty. It is basically because many firewall product does not check the integrity of a process but it's name so it will think that your legitimate szoftver is accessing to the net. Same thing, when a pop-up says your google tollbar do something it might be the threat, so the author of that threat hopes that you will click on ALLOW button... Tamas On 19/10/06, Bob Axtell wrote: > > Dwayne Reid wrote: > > At 03:50 PM 10/18/2006, Bob Axtell wrote: > > > >> I caught my wife's computer trying to phone home yesterday. > >> > > > > Quick question, Bob. > > > > What technique or tools did you use to detect this? > > > > Another, more general question: what direction should I be looking in > > to find tools to help me figure out what traffic is occurring in our > > office network?. Available bandwidth fluctuates dramatically over > > the course of the day and I'd like to get an idea of what's happening > where. > > > > Simple network: ADSL modem feeding Linksys router feeding 24 port > switch. > > > > Thanks for any pointers! > > > > dwayne > > > > > > > I install a firewall into each individual computer; I use kerio 4. > Before the application is allowed to gain > access to a port, a verification popup is thrown up onto the screen. > You can deny THIS TIME, deny > ALWAYS, allow THIS TIME, or allow ALWAYS. But it also stores the name of > the app that requests > the port, and IP numbers used, in a log file, so you can easily > determine what is going on. > > Once a week, I get the log files, and look to see who is trying to break > in, what virus I have picked up, etc. > > Kerio is not QUITE free, but almost. I like it. > > --Bob > -- > http://www.piclist.com PIC/SX FAQ & list archive > View/change your membership options at > http://mailman.mit.edu/mailman/listinfo/piclist > -- unPIC -- The PIC Disassembler http://unpic.sourceforge.net -- http://www.piclist.com PIC/SX FAQ & list archive View/change your membership options at http://mailman.mit.edu/mailman/listinfo/piclist