I was looking at my connection logs when I noticed the strangest blocked activity.
2006-01-02 00:03:01;Saudi Arabian Oil Company, Saudi ARAMCO;198.36.32.41:37709;192.168.0.2:6886;TCP;Blocked
2006-01-02 00:09:24;Private Customer - SBC Internet Services;69.228.204.218:60777;192.168.0.2:6885;TCP;Blocked
2006-01-02 00:11:33;Private Customer - SBC Internet Services;69.228.204.218:60822;192.168.0.2:6885;TCP;Blocked
2006-01-02 00:14:04;Electronics and Telecommunications;129.254.186.123:1968;192.168.0.2:6886;TCP;Blocked
2006-01-02 00:17:38;Private Customer - SBC Internet Services;69.106.244.72:1327;192.168.0.2:6886;TCP;Blocked
2006-01-02 00:17:46;Limelight Networks, LLC;192.168.0.2:4022;69.28.159.57:80;TCP;Blocked
2006-01-02 00:17:49;Limelight Networks, LLC;192.168.0.2:4022;69.28.159.57:80;TCP;Blocked
2006-01-02 00:17:55;Limelight Networks, LLC;192.168.0.2:4022;69.28.159.57:80;TCP;Blocked
2006-01-02 00:18:07;Limelight Networks, LLC;192.168.0.2:4024;69.28.159.60:80;TCP;Blocked
2006-01-02 00:18:10;Limelight Networks, LLC;192.168.0.2:4024;69.28.159.60:80;TCP;Blocked
2006-01-02 00:18:16;Limelight Networks, LLC;192.168.0.2:4024;69.28.159.60:80;TCP;Blocked
2006-01-02 00:18:28;Limelight Networks, LLC;192.168.0.2:4026;69.28.159.17:80;TCP;Blocked
2006-01-02 00:18:31;Limelight Networks, LLC;192.168.0.2:4026;69.28.159.17:80;TCP;Blocked
2006-01-02 00:18:37;Limelight Networks, LLC;192.168.0.2:4026;69.28.159.17:80;TCP;Blocked
2006-01-02 00:18:49;Limelight Networks, LLC;192.168.0.2:4028;69.28.159.52:80;TCP;Blocked
2006-01-02 00:18:52;Limelight Networks, LLC;192.168.0.2:4028;69.28.159.52:80;TCP;Blocked
2006-01-02 00:18:58;Limelight Networks, LLC;192.168.0.2:4028;69.28.159.52:80;TCP;Blocked
2006-01-02 00:23:31;Private Customer - SBC Internet Services;69.228.204.218:61109;192.168.0.2:6885;TCP;Blocked
2006-01-02 00:23:38;DoD Network Information Center;55.17.86.172:31260;192.168.0.2:1026;UDP;Blocked
2006-01-02 00:31:47;Saudi Arabian Oil Company, Saudi ARAMCO;166.87.255.131:48081;192.168.0.2:6886;TCP;Blocked
2006-01-02 00:37:06;Time Warner Telecom;66.162.184.59:18507;192.168.0.2:1026;UDP;Blocked
2006-01-02 00:38:33;Private Customer - SBC Internet Services;69.228.204.218:61442;192.168.0.2:6885;TCP;Blocked
2006-01-02 00:43:35;Everyones Internet,;192.168.0.2:4127;67.15.84.17:80;TCP;Blocked
2006-01-02 00:43:38;Everyones Internet,;192.168.0.2:4127;67.15.84.17:80;TCP;Blocked
2006-01-02 00:43:44;Everyones Internet,;192.168.0.2:4127;67.15.84.17:80;TCP;Blocked
2006-01-02 00:43:56;Everyones Internet,;192.168.0.2:4138;67.15.84.17:80;TCP;Blocked
2006-01-02 00:43:59;Everyones Internet,;192.168.0.2:4138;67.15.84.17:80;TCP;Blocked
2006-01-02 00:44:05;Everyones Internet,;192.168.0.2:4138;67.15.84.17:80;TCP;Blocked
2006-01-02 00:47:54;Network of EDS Operation Services GmbH;194.196.92.223:13454;192.168.0.2:1027;UDP;Blocked
2006-01-02 00:53:33;Private Customer - SBC Internet Services;69.228.204.218:61786;192.168.0.2:6885;TCP;Blocked
2006-01-02 01:02:46;Limelight Networks, LLC;192.168.0.2:4207;69.28.159.60:80;TCP;Blocked
2006-01-02 01:02:49;Limelight Networks, LLC;192.168.0.2:4207;69.28.159.60:80;TCP;Blocked
2006-01-02 01:02:55;Limelight Networks, LLC;192.168.0.2:4207;69.28.159.60:80;TCP;Blocked
2006-01-02 01:03:08;Limelight Networks, LLC;192.168.0.2:4209;69.28.159.17:80;TCP;Blocked
2006-01-02 01:03:11;Limelight Networks, LLC;192.168.0.2:4209;69.28.159.17:80;TCP;Blocked
2006-01-02 01:03:17;Limelight Networks, LLC;192.168.0.2:4209;69.28.159.17:80;TCP;Blocked
2006-01-02 01:03:29;Limelight Networks, LLC;192.168.0.2:4211;69.28.159.52:80;TCP;Blocked
2006-01-02 01:03:32;Limelight Networks, LLC;192.168.0.2:4211;69.28.159.52:80;TCP;Blocked
2006-01-02 01:03:38;Limelight Networks, LLC;192.168.0.2:4211;69.28.159.52:80;TCP;Blocked
2006-01-02 01:03:50;Limelight Networks, LLC;192.168.0.2:4213;69.28.159.57:80;TCP;Blocked
2006-01-02 01:03:53;Limelight Networks, LLC;192.168.0.2:4213;69.28.159.57:80;TCP;Blocked
2006-01-02 01:03:59;Limelight Networks, LLC;192.168.0.2:4213;69.28.159.57:80;TCP;Blocked
2006-01-02 01:04:10;srs.targetpoint.com;192.168.0.2:4223;83.149.110.1:80;TCP;Blocked
2006-01-02 01:04:14;srs.targetpoint.com;192.168.0.2:4223;83.149.110.1:80;TCP;Blocked
2006-01-02 01:07:48;mcafee-center.net[Hijacker];192.168.0.2:4288;66.244.251.18:80;TCP;Blocked
2006-01-02 01:07:49;PSI FAKES PHOTOBKT Split;192.168.0.2:4290;38.116.160.69:80;TCP;Blocked
2006-01-02 01:07:51;mcafee-center.net[Hijacker];192.168.0.2:4288;66.244.251.18:80;TCP;Blocked
2006-01-02 01:07:52;PSI FAKES PHOTOBKT Split;192.168.0.2:4290;38.116.160.69:80;TCP;Blocked
2006-01-02 01:07:57;mcafee-center.net[Hijacker];192.168.0.2:4288;66.244.251.18:80;TCP;Blocked
2006-01-02 01:07:58;PSI FAKES PHOTOBKT Split;192.168.0.2:4290;38.116.160.69:80;TCP;Blocked
2006-01-02 01:08:36;Private Customer - SBC Internet Services;69.228.204.218:62099;192.168.0.2:6885;TCP;Blocked
2006-01-02 01:10:28;Savvis-Sourceforge Split1 Start Range;192.168.0.2:4301;66.35.250.55:80;TCP;Blocked
2006-01-02 01:10:29;Savvis-Sourceforge Split1 Start Range;192.168.0.2:4304;66.35.250.55:80;TCP;Blocked
2006-01-02 01:10:31;Savvis-Sourceforge Split1 Start Range;192.168.0.2:4301;66.35.250.55:80;TCP;Blocked
2006-01-02 01:10:37;Savvis-Sourceforge Split1 Start Range;192.168.0.2:4301;66.35.250.55:80;TCP;Blocked
2006-01-02 01:14:45;PSI FAKES PHOTOBKT Split;192.168.0.2:4327;38.116.160.69:80;TCP;Blocked
2006-01-02 01:14:48;PSI FAKES PHOTOBKT Split;192.168.0.2:4327;38.116.160.69:80;TCP;Blocked
2006-01-02 01:14:54;PSI FAKES PHOTOBKT Split;192.168.0.2:4327;38.116.160.69:80;TCP;Blocked
2006-01-02 01:15:54;Exodus IDC - BO/BO2,Exodus IP Address Administrator;66.37.202.118:15865;192.168.0.2:1026;UDP;Blocked
2006-01-02 01:16:29;PSI FAKES PHOTOBKT Split;192.168.0.2:4335;38.116.160.69:80;TCP;Blocked
2006-01-02 01:16:32;PSI FAKES PHOTOBKT Split;192.168.0.2:4335;38.116.160.69:80;TCP;Blocked
2006-01-02 01:16:39;PSI FAKES PHOTOBKT Split;192.168.0.2:4335;38.116.160.69:80;TCP;Blocked
2006-01-02 01:16:44;PSI FAKES PHOTOBKT Split;192.168.0.2:4337;38.116.160.69:80;TCP;Blocked
2006-01-02 01:16:47;PSI FAKES PHOTOBKT Split;192.168.0.2:4337;38.116.160.69:80;TCP;Blocked
2006-01-02 01:16:52;mcafee-center.net[Hijacker];192.168.0.2:4338;66.244.251.18:80;TCP;Blocked
2006-01-02 01:16:55;mcafee-center.net[Hijacker];192.168.0.2:4338;66.244.251.18:80;TCP;Blocked
2006-01-02 01:17:01;mcafee-center.net[Hijacker];192.168.0.2:4338;66.244.251.18:80;TCP;Blocked
2006-01-02 01:18:04;mcafee-center.net[Hijacker];192.168.0.2:4346;66.244.251.18:80;TCP;Blocked
2006-01-02 01:18:07;mcafee-center.net[Hijacker];192.168.0.2:4346;66.244.251.18:80;TCP;Blocked
2006-01-02 01:18:13;mcafee-center.net[Hijacker];192.168.0.2:4346;66.244.251.18:80;TCP;Blocked
2006-01-02 01:20:14;mcafee-center.net[Hijacker];192.168.0.2:4360;66.244.251.18:80;TCP;Blocked
2006-01-02 01:20:17;mcafee-center.net[Hijacker];192.168.0.2:4360;66.244.251.18:80;TCP;Blocked
2006-01-02 01:20:23;mcafee-center.net[Hijacker];192.168.0.2:4360;66.244.251.18:80;TCP;Blocked
2006-01-02 01:20:55;mcafee-center.net[Hijacker];192.168.0.2:4363;66.244.251.18:80;TCP;Blocked
2006-01-02 01:20:58;mcafee-center.net[Hijacker];192.168.0.2:4363;66.244.251.18:80;TCP;Blocked
2006-01-02 01:21:04;mcafee-center.net[Hijacker];192.168.0.2:4363;66.244.251.18:80;TCP;Blocked
2006-01-02 01:21:50;PSI FAKES PHOTOBKT Split;192.168.0.2:4366;38.116.160.69:80;TCP;Blocked
2006-01-02 01:21:53;PSI FAKES PHOTOBKT Split;192.168.0.2:4366;38.116.160.69:80;TCP;Blocked
2006-01-02 01:23:46;Private Customer - SBC Internet Services;69.228.204.218:62744;192.168.0.2:6885;TCP;Blocked
2006-01-02 01:25:15;mcafee-center.net[Hijacker];192.168.0.2:4389;66.244.251.18:80;TCP;Blocked
2006-01-02 01:25:18;mcafee-center.net[Hijacker];192.168.0.2:4389;66.244.251.18:80;TCP;Blocked
2006-01-02 01:25:24;mcafee-center.net[Hijacker];192.168.0.2:4389;66.244.251.18:80;TCP;Blocked
2006-01-02 01:26:25;Private Customer - SBC Internet Services;69.228.204.218:62794;192.168.0.2:6885;TCP;Blocked
2006-01-02 01:26:36;mcafee-center.net[Hijacker];192.168.0.2:4394;66.244.251.18:80;TCP;Blocked
2006-01-02 01:26:37;mcafee-center.net[Hijacker];192.168.0.2:4395;66.244.251.18:80;TCP;Blocked
I would love to know why the Saudi's and the DoD are trying to connect to my PC. *tinfoil*
What the... how rediculously random... been saying bad things about the President or OPEC lately?
You... watch your internet connection logs? :\
Edwin - no! You are a conduit for the ultimate war that the world will never see! The DoD and ARAMCO are going to fight it out in Desert Combat! You must make note! You can shape the course of world warfare! The world is yours! The world is yours!
Well, the IP addresses you point out seem to be unavailable at the moment, and the connections dead-end somewhere in Houston, Texas. That's okay, IP addresses can't be trusted anyway, they're easily spoofed...
But port 6886... isn't that one of the BitTorrent ports? In which case I don't think you've much to worry about...
Your PC simply is an equivalent of shady alley where DoD and Saudi princes meet, exchanging bulging suitcases while their bodyguards glare at each other through plank-thick sunglasses.
Well, the IP addresses you point out seem to be unavailable at the moment, and the connections dead-end somewhere in Houston, Texas. That's okay, IP addresses can't be trusted anyway, they're easily spoofed...
But port 6886... isn't that one of the BitTorrent ports? In which case I don't think you've much to worry about...
Bit Torrent eh? Looks like Edwin has some Pr0n that Bush and the Bin Laden Family just have to have.
Probably spoofed.
You... watch your internet connection logs? :
Bad habit not to have.
They are going to probe you, until they hear what they want to hear. You cannot stop them! You can only run!
Or perhaps DoD is staging Operation Freedom in your comp, because of undeniable evidence of Porn of Mass Destruction there.
Your PC simply is an equivalent of shady alley where DoD and Saudi princes meet, exchanging bulging suitcases while their bodyguards glare at each other through plank-thick sunglasses.
That was great. Sig Great.
This is so great. It's like Syrania is happening in Edwin's PC.
Not sure if you guys are keeping up with this, but here's the Internet Storm Center. Current discussions center around the .wmf exploit that is in the wild in two generations. This allows an IMAGE file to run arbitrary code - all you have to do is visit a web page or open an email. It's a pretty serious threat and MS does not have a fix for it yet. It's expected to take off in the next few days - there are already websites that have been compromised.
Doubleplus ungood.
Not sure if you guys are keeping up with this, but here's the Internet Storm Center. Current discussions center around the .wmf exploit that is in the wild in two generations. This allows an IMAGE file to run arbitrary code - all you have to do is visit a web page or open an email. It's a pretty serious threat and MS does not have a fix for it yet. It's expected to take off in the next few days - there are already websites that have been compromised.
Doubleplus ungood.
Nasty business, that. A fix can't come soon enough. D:
Fix = Mac OSX.
For my regular browsing, anyway.
'Course, if everyone goes to Mac, then so will the exploits.
Out of curiosity, what do you all say? SAW-dee Arabia or SOW-dee Arabia?
Where do you even get that detailed of information?
My router spits out a lot of IP numbers in it's log, most of which look local, but nothing like the kind of info you just posted.
And it's free even!
Good stuff Ed. Thankee.
*edit*
Geez. This thing kills everything.
It even murdered the ads in Xfire.
This is so great. Send a letter to Robert Ludlum and tell him to stop having his novels take place in your PC.
First Saudis, now Chinese! Next, the DPRK will show up, and then WWIII will ingnite in your computer when China encroaches on the Kazakhs.
They want to porn. AND THEY WILL HAVE THE PORN!
How do you view these logs?
Keep on posting these, please. Truly, when the Kenyans are trying to Highjack your PC, we will know that either....
A.) You have the most spectacular collection of porn anywhere, ever.
B.) You're a spook or part of the Illuminati and are dealing in worldwide covert operations as a operator.
Someone sticky this. This, my friends, is the new GWJ mystery, the new "Swaydora's Box". Edwin is caught in a web of geopolitical intrigue, the machinations of which we may never fully understand. The fate of the nation, nay, the world, may rest in Edwin's PC.
Who would've thought Girls Gone Wild: Co-Ed Tryouts was so important?
Pages