dandelion
Premium,MVM
join:2003-04-29
Germantown, TN
clubs:
 ·Comcast
2 edits | reply to dandelion
Re: How to find which program is trying to get online?
The program trying to connect is a "program from windows explorer" with MDHash5 a73bc66a95cf4f7b597fc8975778a889
I figure may be adobe reader??? or possible media? just would like to find out for sure.When I search for the DNS for the outgoing I get this:
NetName:
MCAST-NET
NetHandle:
NET-224-0-0-0-1
Parent:
NetType: IANA Special Use
NameServer: FLAG.EP.NET
NameServer: STRUL.STUPI.SE
NameServer: NS.ISI.EDU
NameServer: NIC.NEAR.NET
Comment:
This block is reserved for
special purposes.
Comment:
Please see RFC 3171 for
additional information.
Comment:
RegDate: 1991-05-22
Updated: 2002-09-16
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet
Corporation for Assigned Names
and Number
OrgAbusePhone:
+1-310-301-5820
OrgAbuseEmail:
abuse@iana.org
OrgTechHandle:
IANA-IP-ARIN
OrgTechName:
Internet Corporation for Assigned
Names and Number
OrgTechPhone:
+1-310-301-5820
OrgTechEmail:
abuse@iana.org
(Search for
MCAST-NET turned this up)
[SpamCop-Geeks] Re: MCAST.net and
Interland.net (longish, maybe OT)
Jonathan Rynd
spamcop-geeks@news.spamcop.net
Fri, 25 Oct 2002 14:22:38
-0400
Previous message:
[SpamCop-Geeks] MCAST.net and
Interland.net (longish, maybe OT)
Next message: [SpamCop-Geeks] Re:
MCAST.net and Interland.net
(longish, maybe OT)
Messages
sorted by: [ date ] [ thread ] [
subject ] [ author ]
On Fri, 25 Oct
2002 13:40:39 -0400, "Sir
Lurksalot II"
wrote:
>These happened right
away at logon:
>23/Oct/2002
20:37:58 Outgoing ICMP
permitted; Out ICMP
[10] Router
Solicitation;
localhost->ALL-ROUTERS.MCAST.NET
>[224.0.0.2]; Owner: Tcpip Kernel
Driver
Your computer is set up
to accept "IP Multicast".(not
sure what this is?) This is a
setting in
your OS and does not
depend on whether you view
streaming media or
not.
Mcast.net is not a real domain;
it is the fictitious domain set
up for
the IP addresses that are
reserved for IP multicast.
Nothing to worry about.
>23/Oct/2002 20:46:58 Outgoing
ICMP permitted; Out ICMP [8]
>Echo Request;
localhost->64.224.86.159; Owner:
Tcpip Kernel
Driver
This means
that some software on your
machine is pinging
64.224.86.159.
My guess is that it's some
software trying to tell if
you
have an active Internet
connection or not, probably so it
can
phone home and check for
updates.
>Oh, and to the best of
my ability, I am virus/worm
free,
>adaware free, don't use
chats, do use ICQ (but it's
Removed
>for the duration until,
I settle this), and other
newsgroups I
>use are strictly
forced-text so I doubt I picked
anything up
>online.
It's still
possible that some program on
your machine is making the
network connections without
asking you. But the only way to
be sure is
to reinstall
Windows..."
Downloaded program Fport, ran it and it flips by so quick can't see anything. Couldn't find help in the readme section-is there a way to get it to stay so I can see it? |
|
EmilioG
Whats This?
Premium
join:2000-09-19
New York, NY
|  Do you have Adobe Reader set to automatically check for updates? I have Norton Internet Security and it has a Program Scan Option that lists all apps that try to access the Net and I can then set individual custom permissions for each. This is a quick and simple way to see whats trying to gain access. I'm sure ZA has the same, yes?
--
One operating system to rule them all. |
|
Bubba
GIT-R-DONE
Premium,MVM
join:2002-08-19
Around, Us
·Comcast
| reply to dandelion
said by dandelion  :
Downloaded program Fport, ran it and it flips by so quick can't see anything. Couldn't find help in the readme section-is there a way to get it to stay so I can see it?
You can create a batch file and place it in the same folder you put Fport and you can have it create a txt file for viewing. I created a file named launch.bat with a simple command found below.
fport > fport.txt
notepad.exe fport.txt
--
"It's 5 O'clock Somewhere" |
|
RLD
Its All About Choice.
join:2001-07-05
North Richland Hills, TX
| reply to dandelion
multicast is normal traffic you can block it or ignore it. you can block it by not allowing the ip (224.0.0.1) out; but, it may cause problems with streaming media (music, video, realmedia, wma, etc).
--
R.L.Dempsey
OS/2 Warp & eCS (by Choice)
Mac OS/X & Linux (for FUN)
friggin windoze (by necessity)
|
|
