From: technomage-hawke@127.0.0.1   
      
   derpeterderschmitz@web.de wrote:   
      
   > Hey there!   
   >   
   > i set up an ms 2k server behind my firewall. i use a progamm called   
   > showtraffic ver 1.5. all the time it tells me that the server connects   
   > on   
   > port 1026 (used by mstask) to port 36546 on IP 224.2.144.105. even if   
   > the   
   > firewall and router is not connected to the isp. I disabled mstask on   
   > the   
   > server but still traffic.   
   >   
   > If i use netstat -a the port 1026 is in the list but there is no status   
   > and   
   > no ip.   
   >   
   > here the showtraffic log file:   
   >   
   > [21:51:23.921 - 21.01.2006]   
   > Proto: UDP len: 32 192.168.0.100:1026 -> 224.2.144.105:36546   
   >   
   > 00000000 45 00 00 20 73 28 00 00 01 11 15 2d c0 a8 00 64 E   s(   
   > -À¨ d   
   > 00000010 e0 02 90 69 04 02 8e c2 00 0c ac 25 4d 53 42 20 àiZ   
   > ¬%MSB   
   >   
   >   
   > I really don't know, but I would like to know what the hell it is and   
   > why   
   > the ip 224.2.144.105?   
   >   
   > Please help.   
   >   
   > thx   
   really sounds like you have a trojan of some kind there.   
      
   you might need to download a scanner (a/v software) and run it. a good one   
   can be found here: www.free-av.com   
      
   TMH   
   --   
   I will not be pushed, filed, stamped, indexed, briefed, debriefed, or   
   numbered!   
   My life is my own - No. 6   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)