Re: Who is calling out?
From: Irwin Greenwald (irwin@uclalumni.net)
Date: 07/29/02
- Next message: Gordy: "SUPERNOVA VIRUS HELP!!!!!!!!!!!!!!"
- Previous message: Bisirat: "Re: how to get password on limited account user"
- In reply to: JB: "Re: Who is calling out?"
- Next in thread: mikey: "Re: Who is calling out?"
- Reply: mikey: "Re: Who is calling out?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Irwin Greenwald <irwin@uclalumni.net> Date: Mon, 29 Jul 2002 05:41:50 GMT
On 7/28/2002 8:48 PM, JB wrote:
Some clarification of the problem may help. I have Zone Alarm Pro (ZAP)
set so that Generic Host Processor (GHP) and Mozilla (my news client)
are the only applications currently allowed internet access. Neither
may act as a server. Furthermore GHP is restricted to DNS server port
access (TCP and UDP port 53). All auto updates and notifications that I
am aware of have been shut down. I have run AD-AWARE and ANTI TROJAN
5.5 and found nothing.
The point is that - according to ZAP - the ONLY process that generates
alerts is GHP (on several ports other than 53); and ALL the incoming
traffic is attempting to connect to GHP on various ports. This incoming
traffic starts as soon as a dial-up connection is made which sure sounds
like a broadcast has been issued. Is it possible that my ISP
(Earthlink) is doing something to generate this traffic?
Irwin
>Hi Irwin;
>for starters, try disabling DNS Client in XP Services and letting the
>applications that need DNS lookup do so via TCP port 53. Set all programs
>to request access permission each time connection to the Internet is
>required. This way you may be able to track down the program(s) and the IP
>addresses that the programs are trying to connect. Have you disabled all
>automatic updates and notifications, have you run Ad-aware, have you tried
>an anti-trojan as well as AV?
>
>> I am running XP Home on a Sony Vaio 1.8GH. Because I have no
>> > access to a high speed line I use a 56K dial up modem. As soon as I
>dial up, I
>> > observe (Task Manager, Network tab) constant activity averaging
>about
>> > 10% of network bandwidth that appears to go on all day. It looks
>> > like some system application has sent out a broadcast message and
>the whole network is responding!
>> > Anyone know what is going on and what I can do about it?
>> >
>> I have ZA Pro installed and it tells me that Generic Host Processor
>> (GHP) is the culprit! I have disabled SERVER and have restricted GHP
>> to DNS ports. But everybody and his brother is trying to connect thru
>GHP.
>> --
>> Irwin Greenwald
>>
>
>
>
>
-- Irwin Greenwald
- Next message: Gordy: "SUPERNOVA VIRUS HELP!!!!!!!!!!!!!!"
- Previous message: Bisirat: "Re: how to get password on limited account user"
- In reply to: JB: "Re: Who is calling out?"
- Next in thread: mikey: "Re: Who is calling out?"
- Reply: mikey: "Re: Who is calling out?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
