[sudo-sys] Rogue machine on our network?

Marc Juul marc at juul.io
Wed Mar 27 18:17:13 PDT 2019


I've now had two odd things happen from Omni over the past few weeks:

First I couldn't log into LinkedIn. Even accessing the site just
directed me to a weird warning page saying they don't allow Chinese
IPs and giving a phone number (?!) to call for support. At first I
thought it was because they had seen my computer from China, but then
I tried a clean browser which did nothing and then I tried through a
VPN which resolved the issue.

Then I couldn't log into NameCheap but I could reset the password
fine, and then I would just get the same "wrong username or password"
message. After contacting support they told me that our IP had been
banned because someone had tried to log into many different accounts
from our IP unsuccessfully.

I'm beginning to suspect that we may have e.g. a rogue Windows machine
on our network (could it be the one hooked up to the x-ray machine in
sudo? or one of the machines in CCL?)

Just wanted to put it out there in case we get more data.

-- 
marc/juul

