icslap connection to my computer
I was doing some some tests on my computer (vista) and found something peculiar when using the netstat command in command prompt. A foreign address labeled "000-computername:icslap" was discovered. This is a computer within my office...
When looking for information regarding this I have found very little. All i know that it is possibly tied with Windows internet connection sharing. There is no need for ICS from my computer and I don't have it on.
I've googled the issue and come up with some rumors to it being tied to snooping software. Being the Network admin, I would think I'd be privy to that kind of thing. But understanding I am not the boss does make snooping a possibility.
Anyone know something I dont? What are some good utilities I can use to spot this as it comes up again?
When looking for information regarding this I have found very little. All i know that it is possibly tied with Windows internet connection sharing. There is no need for ICS from my computer and I don't have it on.
I've googled the issue and come up with some rumors to it being tied to snooping software. Being the Network admin, I would think I'd be privy to that kind of thing. But understanding I am not the boss does make snooping a possibility.
Anyone know something I dont? What are some good utilities I can use to spot this as it comes up again?
ASKER
The netstat result will not show that connection every time. So far I've only been able to catch it twice.
Anyways, I have found snooping software. The connection was to my boss's computer. One of the programs was a keylogger, which is strictly prohibited by my corporation's IT security policy. The company understands that email will sometimes be used for personal use and allows us conduct personal affairs with it, so any monitoring technology that can't discriminate between email and other traffic is not allowed.
Looks like a talk with HR and the some legal council will be in order!
Anyways, I have found snooping software. The connection was to my boss's computer. One of the programs was a keylogger, which is strictly prohibited by my corporation's IT security policy. The company understands that email will sometimes be used for personal use and allows us conduct personal affairs with it, so any monitoring technology that can't discriminate between email and other traffic is not allowed.
Looks like a talk with HR and the some legal council will be in order!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
That is EXACTLY what I've been searching for.. Thank you!
ASKER
Thanks again, this will help me pinpoint some details. The program isn't constantly sending out data, so I needed something that will detect it when it happens.
thanks,
bbao