Open Tech Support
Open Tech Support Archives
Back to HomeCommunityReviewsGuidesDownloadsTech LinksMarketplaceContact Us
 »  SITE NAVIGATION
»  OTS Home
»  OTS Forums
»  OTS Archives

»  About our site
»  Search our site
»  Support our site

»  What is this site?
»  Who are we?
 
 
 »  ADVERTISMENT
 
  Pages: 1

New good Network Intrusion Detection software

 (Click here to view the original thread with full colors/images)

Posted by: goranpaa

I got this tip from a friend yesterday, who's computer suddenly started to be slow when logging into the Windows desk. And also his surfing got somewhat slower dispite scanning with his antivirus and the several antispy's he did did run. They did'nt find more than some pretty harmless cookies.

But he had actually removed a trojan horse a couple of days back.

A suspicion, led him to look under his network settings. Now, he does'nt have his computer set up for a network. But he told me he wanted to make sure his net connection whas'nt hijacked. But when he open the menue for showing the computers in the network group. He found 2 completely unknown computers connected to his net connection! Merrily surfing away.

So he did phone a work mate, that is head of the computer security at my friends work.
And whas told to download "LANeye".

So he did, and this is what LAN Eye showed him, besides flagging wildly about those unknown computers (see screenie below).

But anyway, LANeye did block those connections. And he did shut down his net connection and removed those guys.

He also did a new scanning with his anti spywares and his antivirus in safe mode. Found 1 virus then. And he told me he have checked if those guys got back into his computer today? But they have'nt.

So I thought you guys eventually could be interested in testing this security software yourself.

http://www.laneye.com/

I also wanna add, that my friend did send a mail to his network provider with an explanation and with this screenie + the LANeye log. As a proof of the hijacking, and as a precausion, if his IP / connection had been involved in any illegal stuff due to this intrusion.



When you are looking at the screenie. You will see 2 Swedish words, " kända datorer" = "known computers". And "okända datorer" = "unknown computers".


Posted by: P0nix

I'll be sure to check it out. Nessus Security Scanner helped me diagnose a statefull firewall that automatically runs after installing Cisco's VPN software as well. Worth a look. It was blocking me from running a shoutcast server. Took me all day to figure that one out


Posted by: goranpaa

Yeah, try it out by all means. I think it's very nice..


 
Copyright 2000-2008 Open Tech Support. All Rights Reserved. Site Design and Development by Tolitz Rosel.