Security Basics mailing list archives

Re: Suspicious network activity advice


From: davestout () hotmail com
Date: 4 Jan 2007 12:55:14 -0000

I'm pretty sure it's just NetBIOS refreshing its name database. With you running a developer machine I'm suspecting 
that your machine has inadvertently become the NetBIOS master browser for your network. NetBIOS master browsers are 
normally the same machine as the Domain Controllers, but in certain situations an error can occur when another machine 
takes over as Master Browser after a browser election takes place. I had a similar problem when a Unix developer 
machine became the NetBIOS master browser due to an incorrectly configured machine. With this Unix machine not being in 
the Windows domain, we found that a whole section of our network was not reachable via NetBIOS name as the master 
browser is normally responsible for updating the records in the Domain controller.

I no longer work for the company where I did the network traffic captures that caught this behaviour so am doing this 
from memory, but I'm sure that analysis of a network traffic capture would indeed show this error up in a matter of 
minutes. Just amazes me sometimes that people don't bother to capture network traffic as it normally contains the 
correct answers.

Good luck and you were wrongly suspended imho

dave
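
An added example, not part of the original post: one way to check a capture for the situation described above is to parse browser announcement frames and list hosts that claim the master browser role but are not expected to hold it. It assumes the browser payload (the bytes after the `\MAILSLOT\BROWSE` header in a UDP 138 datagram) has already been extracted and follows the MS-BRWS announcement layout; host names, addresses and sample frames are constructed.

```python
import struct

# Browser opcodes and server-type flags as defined in MS-BRWS / lmserver.h
HOST_ANNOUNCEMENT = 0x01
LOCAL_MASTER_ANNOUNCEMENT = 0x0F
SV_TYPE_DOMAIN_CTRL = 0x00000008
SV_TYPE_MASTER_BROWSER = 0x00040000
# opcode, update count, periodicity (ms), 16-byte name, OS major/minor,
# server type, browser version major/minor, signature (0xAA55)
LAYOUT = "<BBI16sBBIBBH"

def parse_announcement(payload):
    """Return a dict for a Host/LocalMaster announcement, else None."""
    if len(payload) < struct.calcsize(LAYOUT):
        return None
    op, _, period, raw, _, _, srv_type, _, _, sig = struct.unpack_from(LAYOUT, payload)
    if op not in (HOST_ANNOUNCEMENT, LOCAL_MASTER_ANNOUNCEMENT) or sig != 0xAA55:
        return None
    name = raw.split(b"\0", 1)[0].decode("ascii", "replace")
    return {"opcode": op, "name": name, "period_ms": period, "type": srv_type}

def unexpected_masters(frames, expected_names):
    """frames: iterable of (src_ip, payload). Returns sorted (ip, name)
    pairs claiming master browser that are not in expected_names."""
    hits = set()
    for src_ip, payload in frames:
        ann = parse_announcement(payload)
        if ann is None:
            continue
        claims = (ann["opcode"] == LOCAL_MASTER_ANNOUNCEMENT
                  or ann["type"] & SV_TYPE_MASTER_BROWSER)
        if claims and ann["name"].upper() not in expected_names:
            hits.add((src_ip, ann["name"]))
    return sorted(hits)

def build(opcode, name, srv_type):
    """Construct a sample frame for the demo (not captured traffic)."""
    return struct.pack(LAYOUT, opcode, 0, 720000, name.encode(),
                       5, 2, srv_type, 15, 1, 0xAA55) + b"\0"

# Constructed sample: a DC acting as master, a developer box that won an
# election, and an ordinary workstation announcing itself.
SAMPLE = [
    ("192.0.2.5", build(LOCAL_MASTER_ANNOUNCEMENT, "DC01",
                        SV_TYPE_DOMAIN_CTRL | SV_TYPE_MASTER_BROWSER)),
    ("192.0.2.77", build(LOCAL_MASTER_ANNOUNCEMENT, "DEVBOX",
                         SV_TYPE_MASTER_BROWSER)),
    ("192.0.2.80", build(HOST_ANNOUNCEMENT, "WS12", 0x00001003)),
]

if __name__ == "__main__":
    print(unexpected_masters(SAMPLE, {"DC01"}))
```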
