Part of my regular job is to scan the internal network for rogue software installations and unauthorized software. I fiddled again with Nmap to scan for Yahoo Messenger in my home network and this is a snapshot of my findings:
snapshot of nmap to scan for TCP 5101:
Interesting ports on 10.252.236.117:
PORT STATE SERVICE
5101/tcp filtered admdog
MAC Address: 00:0B:CD:A2:10:24 (Compaq (HP))
Interesting ports on 10.252.236.122:
PORT STATE SERVICE
5101/tcp open admdog
MAC Address: 00:1B:38:9E:D9:3E (Compal Information (kunshan) CO.)
Interesting ports on 10.252.236.126:
PORT STATE SERVICE
5101/tcp filtered admdog
MAC Address: 00:0F:20:24:28:30 (Hewlett Packard)
note that I found one YM install, the one with admdog open on TCP 5101.
Yahoo Messenger is unwelcome in a corporate environment. It's a big security hole, I tell you. Ban it if you will. Installing anything on office PCs need official approval from Information Security and the installation to be performed by IT staff.
Time to draft a letter reprimand to the concerned staff!
No comments:
Post a Comment