My IDS keep on alerting on this : ICMP L3retriever Ping. What the heck is this. Using google; i stumble upon this mailing list.
It active directory related - if you have Win XP systems/and possibly win2000
as well, you will have these. You might
want to examine your rule and/or look and see if the "computer browser" service
is enabled on non-domain controllers
(i.e. all the workstations, etc).
Based on this answer; i have to stop and disable almost 100 machine from running Computer Browser. What i did was:
runas /user:domainname\userid cmd
net view | findstr "^\\\\" >hostlist
for %i in (hostlist) do start /wait psexec %i cmd /C "net stop browser"
for %i in (hostlist) do start /wait sc %i config Browser start= disabled
Let see what will happen.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment