Securing my PCAnywhere users.

[IMRevbudgreen]

I'm trying to shore up security for my on-site customers. A little background, then the question. A few days ago, I went on a service call to configure PCAnywhere 10.1 for a client. He has no firewall at the home location, and router using NAT at the host location. I was at his home (The remote). I had already setup host through the router to accept PCAnywhere calls on ports 5631 and 5632 and forwarded them to his internal static IP machine. I was able to connect and log in without issue. Now comes the leadin to the question. My customer did not know his IP address of his router and was doing a connect without a specific 'network host PC to control or IP' selection. What came up in his search was a pool of availble IP's on the ATTBI network. range 66.30.xxx.xxx. None of those IP's were my customers IP due to my setup of his router at his business. But one of the IP's that DID come up was the computer of a client of my company whose PCAnywhere was setup by a tech other than myself. I called the client, got his UN and PW, and logged to his desktop without issue. HIS COMPUTER WAS EXPOSED TO ATTACK!! I quickly finished with this client, and went to the other client, reconfigured his network to include a NAT enabled router, setup static internal IP's and punched the needed holes in the NAT router. Now he is totally secure.
Finally the question. How do I search for other machines that may be exposed to the same security threat? I tried setting up PCAnywhere in a duplicate setup as my first client whose system exposed the threat. I can't find any IP pool of computers. I think this is because my computer is securly behind a firewall and NAT router.
I would like to find out if any other clients of mine have security holes this big...
Any suggestions???
PEACE
Bud