Rouen said:Apparently it is possible to actually tag a computer's hardware. Some kind of UID (Unique ID) from either his CPU, motherboard, etc. Or maybe they can somehow find his MAC after he gets a new IP over and over. He connected to his work through telenet, and whatever rootkit was used was spread to over 10,000 machines, work stations, servers, and computers that were remote accessed (Tech support), everyone in his address book, all got hit with this. He lost his job over it.
What ever way it was tagged, I'd like Jay Beale to explain that one
Rouen said:Its random ports from various IP's hitting me at the same time with ICMP's. My reg fix keeps them from getting replys or the info they want, etc. I'm not worried so much about the ICMP packets as I am about the number of machines actually doing it in such unison. This is why I want to find out what it means to "connect an IP to a machine." The way it was said, its some kind of actually port connection, not a hack, worm, trojan, tracking MAC, msinfo32, etc. How do I found out if I'm being monitored, passively or actively?