Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Head's Up Trillian
Search Topic:
Uniqs:
356		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
AntiVir Free Questions »
« ProcessGuard 3.500  
AuthorAll Replies


koma3504
Advocate
Premium
join:2004-06-22
North Richland Hills, TX

Head's Up Trillian

It is a good thing i always have a command prompt up and running with netstat 3

I caught trillian connecting to these 2 ip addresses
113.86.159.72 and here 114.86.159.72 on 20 of 26 accounts that I have sighned in.

The odd thing is I cannot do a traceroute past
dist1-vlan130.rcsntx.sbcglobal.net
I suppose it could be a aprt of the ATT scans i have been getting again
Date: 08/10 05:39:03 Name: ICMP PING CyberKit 2.2 Windows
Priority: 3 Type: Misc activity
IP info: 76.202.10.126:n/a -> 76.203.228.132:n/a
References: 1

Date: 08/10 08:08:45 Name: ICMP PING CyberKit 2.2 Windows
Priority: 3 Type: Misc activity
IP info: 76.202.10.126:n/a -> 76.203.228.132:n/a
References: 1

Date: 08/10 10:36:13 Name: ICMP PING CyberKit 2.2 Windows
Priority: 3 Type: Misc activity
IP info: 76.202.10.126:n/a -> 76.203.228.132:n/a
Date: 08/10 13:05:50 Name: ICMP PING CyberKit 2.2 Windows
Priority: 3 Type: Misc activity
IP info: 76.202.10.126:n/a -> 76.203.228.132:n/a
References: 1

Date: 08/10 14:23:28 Name: ICMP PING CyberKit 2.2 Windows
Priority: 3 Type: Misc activity
IP info: 76.200.216.27:n/a -> 76.203.228.132:n/a

05:18:58 ppp0 » - TCP 144.160.130.16 30554 76.203.228.132 50001

15:06:31 ppp0 » - UDP 99.13.99.73 137(NETBIOS-NS) 99.13.99.71 137(NETBIOS-NS)
15:06:32 ppp0 » - UDP 99.13.99.73 137(NETBIOS-NS) 99.13.99.71 137(NETBIOS-NS)
15:06:34 ppp0 » - UDP 99.13.99.73 137(NETBIOS-NS) 99.13.99.71 137(NETBIOS-NS)
15:06:37 ppp0 » - UDP 99.13.99.73 137(NETBIOS-NS) 99.13.99.71 137(NETBIOS-NS)
15:06:38 ppp0 » - UDP 99.13.99.73 137(NETBIOS-NS) 99.13.99.71
lookup block 99.13.99.71 137(NETBIOS-NS)
15:06:40 ppp0 » - UDP 99.13.99.73 137(NETBIOS-NS) 99.13.99.71
lookup block 99.13.99.71 137(NETBIOS-NS)
15:06:41 ppp0 » - TCP 99.13.99.73 1389 99.13.99.71
lookup block 99.13.99.71 80(WWW-HTTP)
15:07:02 ppp0 » - UDP 99.13.99.73 1133 99.13.99.71 161(SNMP)
15:07:04 ppp0 » - UDP 99.13.99.73 1133 99.13.99.71 161(SNMP)
15:07:19 ppp0 » - TCP 99.13.99.73 5000 99.13.99.71 80(WWW-HTTP)
15:07:21 ppp0 » - TCP 99.13.99.73 5000 99.13.99.71 80(WWW-HTTP)
15:07:23 ppp0 » - TCP 99.13.99.73 5000 99.13.99.71 8080
15:07:26 ppp0 » - TCP 99.13.99.73 5000 99.13.99.71 8080
15:07:37 ppp0 » - UDP 99.13.99.73 5000 99.13.99.71 137(NETBIOS-NS)
15:07:37 ppp0 » - UDP 99.13.99.73 5000 99.13.99.71 138(NETBIOS-DGM)
15:07:37 ppp0 » - UDP 99.13.99.73 5000 99.13.99.71 10421
15:07:37 ppp0 » - UDP 99.13.99.73 5000 99.13.99.71
lookup block 99.13.99.71 10426

after being attacked by 99.13.99.73
I had some iedw errors and all ie windows closed out/froze
And i had lost the DHCP ip address that my smoothwall box has been giving out to my router for as long as i can rember since the last install.
And FYI: I am already using Opendns dns numbers hardcoded in smoothwall. As well as just applied the latest patch which include

This update corrects several minor problems with SmoothWall Express 3.0 and a number of theoretical vulnerabilities

dnsmasq upgraded to 2.45, to correct a theoretical DNS cache poisoning issue.
openssl: 0.9.8h
openssh: 5.1p1
squid: 2.6.STABLE21
apache: 1.3.41
mod_ssl: 2.8.31
miniupnpd: 20080710
dhcp: 3.0.7.
Clam AV: 0.93.3
Fix for the IMSpector log viewer under Firefox 3.
Fix for installing updates via the old "push" method.

when there is some Att hops after that node

4 13 ms * 12 ms dist1-vlan130.rcsntx.sbcglobal.net [151.164.162.130]

5 14 ms 15 ms 11 ms 151.164.93.188
6 14 ms 12 ms 15 ms ex1-p12-0.eqdltx.sbcglobal.net [151.164.40.29]
7 21 ms 13 ms 13 ms asn10310-10-yahoo.eqdltx.sbcglobal.net [151.164.250.
10]
--
† Koma †
If YOu Don't Think It's Possable!! It's Acually A Reality!!The best way to predict the future is to invent it. Alan Kay!!
Ya Don't Know The signal Till Ya Ride It!!
Voice Break's There's Trouble!!!!
to forum · permalink · · 2008-08-10 17:55:00 · Reply to this
-
Forums » Up and Running » Security » SecurityAntiVir Free Questions »
« ProcessGuard 3.500  

Tuesday, 10-Nov 04:08:27 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [83] VoIP Over 3G Still Not Working For iPhone
· [81] Verizon Keeps Swinging At AT&T
· [33] Bill Would Force ISPs To Block Financial Scams
· [24] Mediacom Hints At 50, 100 Mbps Speeds
· [14] Clearwire To Get Another $1.5 Billion
· [11] Monday Morning Links
· [9] 15 States Have Now Gotten Broadband Mapping Money
· [5] AT&T Launching New 7.2 Mbps 3G Modem
Most people now reading
· Windows 7 boot manager editing questions [Microsoft Help]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Framed for child porn 151; by a PC virus [Security]
· My cat is reluctant to exercise. [General Questions]
· MI424WR-GEN2 Rev E Configuration Thread [Verizon Fiber Optics]
· netTalk tk6000 [VOIP Tech Chat]
· Know when to run! [Home Repair & Improvement]
· Upcoming Games for 2009 [PC gaming GAMES]
· [WIN7] Outlook express under Windows 7? [Microsoft Help]
· Google Has Acquired Gizmo5 [VOIP Tech Chat]