IZON
10-05-03, 04:05 AM
Lately, my main rig (see sig) has taken to dialing up and logging on to the net without my consent. Fotunately I've been there on all but one occasion to witness the event.
CRTL-ALT-DEL reveals:
Explora (m$ thingy)
Zona Alarm (firewall)
Systray (m$ stuff)
Avgctrl (antivirus)
Rnaapp (remote network access application - m$)
Rnaapp only appears when the modem starts dialling (I didn't know about this until the phantom dialling started about a week ago). Is rnaapp the problem?
One other thing to consider, my main rig is networked with one other pc (PII 400 running Linux RH9 and 98se). When I boot up the second rig that's usually when the phantom dialling starts (both rigs are on when this problem happens), my issue here is that the second rig is not configured for network use under Linux which is what I always boot up with, as a result I'm not entirely convinced the second rig has anything to do with it.
During this phantom dialling and logging on, the ZA log shows my main rig IP as 192.168.0.10.68 (but I don't know what the last two digits '68' represent) and the destination IP as 255.255.255.255.67 no source DNS is listed and a traceroute draws a blank, it's always the same destination IP address when the phantom dialling starts with ZA registering multiple hits from this IP, fortunately I can block them.
Any thoughts folks?
CRTL-ALT-DEL reveals:
Explora (m$ thingy)
Zona Alarm (firewall)
Systray (m$ stuff)
Avgctrl (antivirus)
Rnaapp (remote network access application - m$)
Rnaapp only appears when the modem starts dialling (I didn't know about this until the phantom dialling started about a week ago). Is rnaapp the problem?
One other thing to consider, my main rig is networked with one other pc (PII 400 running Linux RH9 and 98se). When I boot up the second rig that's usually when the phantom dialling starts (both rigs are on when this problem happens), my issue here is that the second rig is not configured for network use under Linux which is what I always boot up with, as a result I'm not entirely convinced the second rig has anything to do with it.
During this phantom dialling and logging on, the ZA log shows my main rig IP as 192.168.0.10.68 (but I don't know what the last two digits '68' represent) and the destination IP as 255.255.255.255.67 no source DNS is listed and a traceroute draws a blank, it's always the same destination IP address when the phantom dialling starts with ZA registering multiple hits from this IP, fortunately I can block them.
Any thoughts folks?