IP address in question
Results 1 to 9 of 9

Thread: IP address in question

  1. #1
    Senior Member
    Join Date
    Dec 2002
    Posts
    275

    IP address in question

    I cant figure this out. Everytime i boot up my pc i pull up the cmd prompt and do the netstat -an 2 command and i begin to watch it plug along. Then suddenly my computer connects with this ip address TCP XXX:1032 207.33.111.82:8195 so i went in my sygate and blocked this ip address, but it still manages to connect. so what i did next was clear all my applications that have internet access to make sure it wasnt a live update program or what not and i looked at all of the ip's of my applications and that ip address was not one of them that i allow to connect. Theres only one other thing i noticed though the ip's at sygate scan are very similiar they are 207.33.111.36 and 207.33.111.37 could the address im worried about possibly be sygate? your help would be greatly appreciated -dublix

  2. #2
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    This is some info I found about those IPs using SamSpade...

    http://verio.net/

    OrgName: Verio, Inc.
    OrgID: VRIO

    NetRange: 207.33.0.0 - 207.33.255.255
    CIDR: 207.33.0.0/16
    NetName: VRIO-207-033
    NetHandle: NET-207-33-0-0-1
    Parent: NET-207-0-0-0-0
    NetType: Direct Allocation
    NameServer: NS0.VERIO.NET
    NameServer: NS1.VERIO.NET
    NameServer: NS2.VERIO.NET
    Comment: ********************************************
    Reassignment information for this block is
    available at rwhois.verio.net port 4321
    ********************************************
    RegDate: 2001-02-05
    Updated: 2001-09-26

    TechHandle: VIA4-ORG-ARIN
    TechName: Verio, Inc.
    TechPhone: +1-303-645-1900
    TechEmail: vipar@verio.net

    OrgAbuseHandle: VAC5-ARIN
    OrgAbuseName: Verio Abuse Contact
    OrgAbusePhone: +1-800-551-1630
    OrgAbuseEmail: abuse@verio.net

    OrgNOCHandle: VSC-ARIN
    OrgNOCName: Verio Support Contact
    OrgNOCPhone: +1-800-551-1630
    OrgNOCEmail: support@verio.net

    OrgTechHandle: VIA4-ORG-ARIN
    OrgTechName: Verio, Inc.
    OrgTechPhone: +1-303-645-1900
    OrgTechEmail: vipar@verio.net

    # ARIN Whois database, last updated 2002-12-13 20:00
    # Enter ? for additional hints on searching ARIN's Whois database.

    Ring a bell? Is this your ISP?
    Sorry I couldn't find out too much more.. I gotta run.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  3. #3
    Senior Member
    Join Date
    Dec 2002
    Posts
    275
    The verio.net rings a bell because that is what shows up when i do a whois on the sygate.scan ip's . But no that is not my ISP.. thanks for going threw the trouble to help me though i really appreciate it phishphreek80

  4. #4
    Senior Member
    Join Date
    Aug 2002
    Posts
    239

    Smile In reply....

    What OS do you have? XP will establish many services that request or establich outbound connections.

    phishphreek80 is probably right. Your ISP might be connecting with you, for whatever reason. I looked at your post and saw that the remote IP is connected to your comp via port 1032. Check this site out: http://www.seifried.org/security/ports/1000/1032.html

    The site mentions that port 1032 is the first port used to establish outbound connections.
    It\'s 106 miles to Chicago, we\'ve got a full tank of gas, half a pack of cigarettes, it\'s dark and we\'re wearing sunglasses.

    Hit it!

  5. #5
    Senior Member
    Join Date
    Dec 2002
    Posts
    275
    Thanks for the link Showtime. Im running WindowsXP and Linux but this is happening when im using XP. I dont think its my ISP because i have been using the netstat -an 2 command for around six months, i always immediatly run that command to see what my computer is doing on start up and it has been connecting to this ip for the last three weeks and has never connected to that ip ever before, maybe its going for an outboung connection and im just not quick enough with that command to catch it. but that ip range is totally different than my ISP's.

  6. #6
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    You may want to check out active ports. and foundstone's fport.

    These programs will match up what program is using what ports and to what address they connect. You may want to run that. If it is a system service, you can just disable it if you don't need it.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  7. #7
    Junior Member
    Join Date
    Dec 2002
    Posts
    1
    If you use the -o option, XP should give you the pid of the process that's using that connection. That should help you track down the problem.
    People who always listen to audio are audiophiles, people who always read books are bibliophiles, so i guess that makes me a text philephile.

  8. #8
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    Verio IMO is a spamhaus. Not that what your experiencing is spam but Verio seems to offer protection too those involved in offensive behavior of this nature. You may have spyware sending home information about you. Run Ad Aware to get rid of any offending modules that may have been installed.

    www.lavasoftusa.com
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  9. #9
    Senior Member
    Join Date
    Jun 2002
    Posts
    394
    www.sysinternals.com
    GET a proggy called TCPview.
    lets you easily source the app using the network, and kill it.
    Hmm...theres something a little peculiar here. Oh i see what it is! the sentence is talking about itself! do you see that? what do you mean? sentences can\'t talk! No, but they REFER to things, and this one refers directly-unambigeously-unmistakably-to the very sentence which it is!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •