Foreign IPs Established
|
|
Darwin Appleby
I Was Beaten With Satan
Join date: 14 Mar 2003
Posts: 2,779
|
12-27-2003 17:46
Ok, so when I go into command prompt and type netstat -n I come up with about 5 foreign IPs with an ESTABLISHED CONNECTION. I ran ad-aware, Norton Anti-Virus, Zone Alarm, and they're still there. What should I do?
_____________________
Touche.
|
|
Eggy Lippmann
Wiktator
Join date: 1 May 2003
Posts: 7,939
|
12-27-2003 18:02
panic!
|
|
Ama Omega
Lost Wanderer
Join date: 11 Dec 2002
Posts: 1,770
|
12-27-2003 18:20
TCP ** 64.12.24.107:5190 ESTABLISHED
TCP ** 205.188.5.152:5190 ESTABLISHED
TCP ** 64.12.27.147:5190 ESTABLISHED
TCP ** 205.188.176.69:5190 ESTABLISHED
TCP ** 64.12.26.13:5190 ESTABLISHED[ I have the same I think. <shrug>
_____________________
--
010000010110110101100001001000000100111101101101011001010110011101100001
--
|
|
Carnildo Greenacre
Flight Engineer
Join date: 15 Nov 2003
Posts: 1,044
|
12-27-2003 23:08
A quick search indicates that port 5190 is used by AOL Instant Messagner
_____________________
perl -le '$_ = 1; (1 x $_) !~ /^(11+)\1+$/ && print while $_++;'
|
|
Garoad Kuroda
Prophet of Muppetry
Join date: 5 Sep 2003
Posts: 2,989
|
12-28-2003 01:59
Holy CRAP! That IS cause for concern!
(Hey, do you really trust those guys?)
|
|
Darwin Appleby
I Was Beaten With Satan
Join date: 14 Mar 2003
Posts: 2,779
|
12-28-2003 09:57
Well, um, I get:
207.46.107.95:1863
205.188.11.172:5190
64.12.29.245:5190
67.29.152.250:21
67.29.152.250:21
67.29.152.250:20
67.29.152.250:21
67.29.152.250:20
Those last are my server, so no need to worry about them, but what about that first one?!
_____________________
Touche.
|
|
Loki Pico
Registered User
Join date: 20 Jun 2003
Posts: 1,938
|
12-28-2003 10:40
If you have a firewall, you ought to be able to prohibit those IP addresses access to your system.
|
|
Misnomer Jones
3 is the magic number
Join date: 27 Jan 2003
Posts: 1,800
|
12-28-2003 10:42
Darwin,
wasnt it you who had the creepy ip search thing? Did you search these?
|
|
Darwin Appleby
I Was Beaten With Satan
Join date: 14 Mar 2003
Posts: 2,779
|
12-28-2003 10:49
I actually forgot about that  That one that I'm worrying about has a dynamic IP, but every day it's a different version of that addresss. Ready for the scary part? After searching it, here's what comes up: OrgName: Microsoft Corp OrgID: MSFT Address: One Microsoft Way City: Redmond StateProv: WA PostalCode: 98052 Country: US
_____________________
Touche.
|
|
Alexis Fairchild
SL Event Junkie
Join date: 7 Mar 2003
Posts: 218
|
12-28-2003 13:47
That is most likely the server that all of the Error Reports go to... or Windows Messenger. I removed Windows Messenger because I was getting pop-ups getting into my system when I didn't even have a IE window open and I was playing single player C&C Generals... stupid popups would minimize my game. As soon as I removed Windows Messenger, I've had no problems since.
BTW, Windows Messenger is different than MSN Messenger... WM is built into Windows XP (if you have XP as your OS)
I always turn my Zone Alarm to locked anytime that I am not doing anything online (including SL) to help prevent this from ever happening again.
Bye bye for now,
Alexis
|