|
-
December 2nd, 2010, 05:37 AM
#1
Junior Member
 ISP malicious behavior
Peace upon you every one,
lately i've notice while surfing the web that i'm getting the following url while accessing google
Code:
http://netsweeper.gizasystems.local:8080/webadmin/deny/index.php?dpid=49&dpruleid=56&cat=28&ttl=-200&groupname=default&policyname=default&username=-&userip=41.237.232.135&connectionip=1.0.0.127&nsphostname=netsweeper.gizasystems.local&protocol=nsef&dplanguage=-&url=http%3a%2f%2fwww.google.com.eg%2f
notice that the url have some fields attached like my ip :
userip=41.237.232.135
most of you knows that some web apps use the url to transmit data to/from clients and some would use to store high sensitive data like session id's.
any way i was thinking that my home page is changed or some malware is poisoning my DNS cash.
but later i found that it was a dominated phenomena here in Egypt other people reported the same thing
now if you look to the sub domain you will find that http://netsweeper.gizasystems.local:8080
gizasystem is a well known local co in monitoring and filtering
Zain Vodafone - SS7 Monitoring Solution
In a recent project, Giza Systems teamed upp with Zain Vodafone to implement the SS7 Monitoring Solution. The solution, which is being implemented for a joint venture between the Vodafone and Zain groups for the second mobile operator in Bahrain, will offer great benefits for the companies to improve their network efficiency. Giza Systems has already successfully completed the first phase of the project.
Telecom Egypt – SS7 Monitoring System
Giza Systems implemented Signaling System 7 (SS7) Monitoring System which was in this case integrated with the Revenue Assurance system provided to Telecom Egypt,. SS7 Monitoring feeds the Revenue Assurance System with Call Detail Records (CDRs) to be reconciled with the CDRs collected through the switch. SS7 monitors the links between Telecom Egypt network and the Mobile, International and Intelligent Network (IN) operators. This system provides Telecom Egypt with Quality of Service (QoS) reports about its interconnect traffic with other operators.
any way some people was saying that the government is trying to Monitor the local intranet not "block" but to know the content.
i've changed my DNS ip to google open dns and since then i didn't get the url that i got before.
i wana talk with you people about that what it could be and are they really up to something??? 
Decode the following to 8-Bit ASCII : 01001001 01110011 01101100 01100001 01101101 00100000 01101001 01110011 00100000 01110100 01101000 01100101 00100000 01110011 01101111 01101100 01110101 01110100 01101001 01101111 01101110
[SIGPIC] http://www.opensuse.org/en/[/SIGPIC]
Similar Threads
-
By The Grunt in forum AntiOnline's General Chit Chat
Replies: 4
Last Post: March 5th, 2005, 08:36 PM
-
By ShagDevil in forum Wireless Security
Replies: 23
Last Post: January 28th, 2005, 05:10 PM
-
By gore in forum Newbie Security Questions
Replies: 11
Last Post: December 29th, 2003, 08:01 AM
-
By s0nIc in forum AntiVirus Discussions
Replies: 9
Last Post: February 26th, 2002, 01:31 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote