Sygate Firewall warning

From: Roy (roysquiresTAKETHISOUT_at_hotmail.com)
Date: 02/24/04

• Next message: SleeperMan: "Re: The top eight..."
• Previous message: lightning_b0lt: "Re: ABOARD.EXE and AOSD.EXE"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 24 Feb 2004 18:05:02 +0000 (UTC)

Hi all,
    I have just clicked on the majorgeeks link in the following post, which
I found in the "alt.privacy.spyware newsgroup. :

---------------------

You can download it here:

http://www.majorgeeks.com/download2471.html

Enjoy!
-----
Kim/Dreamspinner3
Visit My Homepage: http://members.tripod.com/dreamspinner3/

------------------------------
When I go to the web page, Sygate pops up the following warning:

The new DLLs have been loaded:
C:\WINDOWS\system32\t2embed.dll

To disable DLL Authentication go to the security tab under the Tools,
Options menu.

File Version : 6.00.2800.1106 (xpsp1.020828-1920)
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 0xC4C (Heximal) 3148 (Decimal)

Connection origin : local initiated
Protocol : TCP
Local Address : 81.133.11.25
Local Port : 1161
Remote Name : pagead2.googlesyndication.com
Remote Address : 216.239.41.104
Remote Port : 80 (HTTP - World Wide Web)

Ethernet packet details:
Ethernet II (Packet Length: 76)
 Destination: 01-00-20-00-01-00
 Source: 00-00-01-00-00-00
Type: IP (0x0800)
Internet Protocol
 Version: 4
 Header Length: 20 bytes
 Flags:
  .1.. = Don't fragment: Set
  ..0. = More fragments: Not set
 Fragment offset:0
 Time to live: 128
 Protocol: 0x6 (TCP - Transmission Control Protocol)
 Header checksum: 0x76cd (Correct)
 Source: 81.133.11.25
 Destination: 216.239.41.104
Transmission Control Protocol (TCP)
 Source port: 1161
 Destination port: 80
 Sequence number: 2055183757
 Acknowledgment number: 0
 Header length: 28
 Flags:
  0... .... = Congestion Window Reduce (CWR): Not set
  .0.. .... = ECN-Echo: Not set
  ..0. .... = Urgent: Not set
  ...0 .... = Acknowledgment: Not set
  .... 0... = Push: Not set
  .... .0.. = Reset: Not set
  .... ..1. = Syn: Set
  .... ...0 = Fin: Not set
 Checksum: 0x43c7 (Correct)
 Data (0 Bytes)

Binary dump of the packet:
0000: 01 00 20 00 01 00 00 00 : 01 00 00 00 08 00 45 00 | .. ...........E.
0010: 00 30 CE 5B 40 00 80 06 : CD 76 51 85 0B 19 D8 EF | .0.[@....vQ.....
0020: 29 68 04 89 00 50 7A 7F : 9D 8D 00 00 00 00 70 02 | )h...Pz.......p.
0030: 40 00 C7 43 00 00 02 04 : 05 B4 01 01 04 02 11 67 | @..C...........g
0040: 6F 6F 67 6C 65 73 79 6E : 64 69 63 61 | ooglesyndica

Is this something I should be worried about?. Any help would be apreciated.
Regards,
Roy.

---

• Next message: SleeperMan: "Re: The top eight..."
• Previous message: lightning_b0lt: "Re: ABOARD.EXE and AOSD.EXE"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Client certificate private key prompt ... Windows Server 2003 server without the Header manually added to the request. ... Frame 34 will be closing the connection. ... Protocol: TCP ... Transmission Control Protocol, Src Port: 2954, Dst Port: https, ... (microsoft.public.dotnet.framework) PuTTY terminate on open Alteon Director - Contains packet dump (LONG POSTING) ... Using SSH protocol version 1 ... I have also tried multiple different protocol settings and bugs ... Header checksum: 0xbdc1 ... Transmission Control Protocol, Src Port: 2759, Dst Port: ssh ... (comp.security.ssh) Re: Help Interpreting data from Wireshark ... What concerns me is that the packet seemed to have a source address of 192.168.1.1 but later in the packet you see the dest as 84.160.95.226 ... Protocol Info ... DENVER.local ICMP Destination unreachable (Port unreachable) ... Fragment offset: 0 ... (comp.os.linux.security) Re: Problem with the NDIS MUX IM driver (decapsulation not working) ... If the higher-level protocol and the lower-level miniport have enabled some TCP task offload contract, then the decapsulated packet you are indicating may not provide the necessary task offload information. ... then temporarily disabling the NDIS task offload features of the adapter using the adapter's NCPA advanced property tab should make the behavior "better". ... I slap on my own ethernet header infront of the real ... (microsoft.public.development.device.drivers) Re: dx upgrade - unexpected network connection ... > Ethernet II (Packet Length: ... > Internet Protocol ... = Don't fragment: Set ... > Header checksum: 0xa61c ... (microsoft.public.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)