-
December 14th, 2002, 09:20 PM
#1
IP address in question
I cant figure this out. Everytime i boot up my pc i pull up the cmd prompt and do the netstat -an 2 command and i begin to watch it plug along. Then suddenly my computer connects with this ip address TCP XXX:1032 207.33.111.82:8195 so i went in my sygate and blocked this ip address, but it still manages to connect. so what i did next was clear all my applications that have internet access to make sure it wasnt a live update program or what not and i looked at all of the ip's of my applications and that ip address was not one of them that i allow to connect. Theres only one other thing i noticed though the ip's at sygate scan are very similiar they are 207.33.111.36 and 207.33.111.37 could the address im worried about possibly be sygate? your help would be greatly appreciated -dublix
-
December 14th, 2002, 10:06 PM
#2
This is some info I found about those IPs using SamSpade...
http://verio.net/
OrgName: Verio, Inc.
OrgID: VRIO
NetRange: 207.33.0.0 - 207.33.255.255
CIDR: 207.33.0.0/16
NetName: VRIO-207-033
NetHandle: NET-207-33-0-0-1
Parent: NET-207-0-0-0-0
NetType: Direct Allocation
NameServer: NS0.VERIO.NET
NameServer: NS1.VERIO.NET
NameServer: NS2.VERIO.NET
Comment: ********************************************
Reassignment information for this block is
available at rwhois.verio.net port 4321
********************************************
RegDate: 2001-02-05
Updated: 2001-09-26
TechHandle: VIA4-ORG-ARIN
TechName: Verio, Inc.
TechPhone: +1-303-645-1900
TechEmail: vipar@verio.net
OrgAbuseHandle: VAC5-ARIN
OrgAbuseName: Verio Abuse Contact
OrgAbusePhone: +1-800-551-1630
OrgAbuseEmail: abuse@verio.net
OrgNOCHandle: VSC-ARIN
OrgNOCName: Verio Support Contact
OrgNOCPhone: +1-800-551-1630
OrgNOCEmail: support@verio.net
OrgTechHandle: VIA4-ORG-ARIN
OrgTechName: Verio, Inc.
OrgTechPhone: +1-303-645-1900
OrgTechEmail: vipar@verio.net
# ARIN Whois database, last updated 2002-12-13 20:00
# Enter ? for additional hints on searching ARIN's Whois database.
Ring a bell? Is this your ISP?
Sorry I couldn't find out too much more.. I gotta run.
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
December 14th, 2002, 10:36 PM
#3
The verio.net rings a bell because that is what shows up when i do a whois on the sygate.scan ip's . But no that is not my ISP.. thanks for going threw the trouble to help me though i really appreciate it phishphreek80
-
December 14th, 2002, 10:38 PM
#4
In reply....
What OS do you have? XP will establish many services that request or establich outbound connections.
phishphreek80 is probably right. Your ISP might be connecting with you, for whatever reason. I looked at your post and saw that the remote IP is connected to your comp via port 1032. Check this site out: http://www.seifried.org/security/ports/1000/1032.html
The site mentions that port 1032 is the first port used to establish outbound connections.
It\'s 106 miles to Chicago, we\'ve got a full tank of gas, half a pack of cigarettes, it\'s dark and we\'re wearing sunglasses.
Hit it!
-
December 14th, 2002, 10:46 PM
#5
Thanks for the link Showtime. Im running WindowsXP and Linux but this is happening when im using XP. I dont think its my ISP because i have been using the netstat -an 2 command for around six months, i always immediatly run that command to see what my computer is doing on start up and it has been connecting to this ip for the last three weeks and has never connected to that ip ever before, maybe its going for an outboung connection and im just not quick enough with that command to catch it. but that ip range is totally different than my ISP's.
-
December 14th, 2002, 11:13 PM
#6
You may want to check out active ports. and foundstone's fport.
These programs will match up what program is using what ports and to what address they connect. You may want to run that. If it is a system service, you can just disable it if you don't need it.
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
December 15th, 2002, 09:05 PM
#7
Junior Member
If you use the -o option, XP should give you the pid of the process that's using that connection. That should help you track down the problem.
People who always listen to audio are audiophiles, people who always read books are bibliophiles, so i guess that makes me a text philephile.
-
December 15th, 2002, 09:18 PM
#8
Verio IMO is a spamhaus. Not that what your experiencing is spam but Verio seems to offer protection too those involved in offensive behavior of this nature. You may have spyware sending home information about you. Run Ad Aware to get rid of any offending modules that may have been installed.
www.lavasoftusa.com
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
December 15th, 2002, 09:22 PM
#9
www.sysinternals.com
GET a proggy called TCPview.
lets you easily source the app using the network, and kill it.
Hmm...theres something a little peculiar here. Oh i see what it is! the sentence is talking about itself! do you see that? what do you mean? sentences can\'t talk! No, but they REFER to things, and this one refers directly-unambigeously-unmistakably-to the very sentence which it is!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|