Re: NSA,Windows, etc.
From: nss (nssant_at_yahoo.com)
Date: 04/26/04
- Next message: Olrik: "Re: You can't leave the theater after Last Passion of Christ and not believe"
- Previous message: informant: "Re: Onideus Mad Hatter has obsessed fan boi's"
- In reply to: Skybuck Flying: "NSA,Windows, etc."
- Next in thread: Skybuck Flying: "Re: NSA,Windows, etc."
- Reply: Skybuck Flying: "Re: NSA,Windows, etc."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 26 Apr 2004 09:03:13 +0530
I have been using Microsoft Windows XP (WinXP) for accessing the
Internet for the last two years. Until now I was using Norton
Personal Firewall (NPF) to protect my computer from the
hackers etc. on the Internet. Because of NPF's stability problems
and heavy resource usage I decided to dump NPF and try some other
firewall product. After testing many firewall softwares I narrowed
down my choice to Agnitum firewall "OutPostPRO" (OutPost) because it
allowed me to control all the settings in detail. After several
days of stable operation I was satisfied with the computer setup.
After a few days, while accessing the Internet the OutPost firewall
threw up a warning that my system was trying to send out a
communication to the Internet with the following details:
Application: System
Direction: OutBound
Protocol: Protocol 99
Remote Host: 150.152.30.44
Remote Port: 0
I blocked that communication but I was surprised that I did not know
what "Protocol 99" was and why would my system be trying to use it.
The Internet Assigned Numbers Authority (IANA) has a site for
protocol numbers here: http://www.iana.org/assignments/protocol-numbers
Under Protocol 99 it says: any private encryption scheme
Something smells real bad here !!
Then I tried looking up the IP address of the host my system was trying
to contact and look what turns up:
IP address: 150.152.30.44
Host name: campwk4691214.tadlp.army.mil
My Microsoft Windows XP system was trying to contact someone in the
US military using a private encryption scheme.
Then I searched the Internet and the Usenet groups to see whether
someone else had also come across this WinXP spying. I searched
Google Groups with the string: "protocol 99" outpost WinXP
I found someone in New Zealand who was also using XP and OutPost
and had detected WinXP trying to contact the following host:
Protocol: Protocol 99
Remote Host: 160.133.199.84
Which resolves to:
Host Name: dlicwk3z6303e.tadlp.army.mil
See the following link for the suspect WinXp behavior:
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&threadm=MPG.19e9
0647590adf63989684%40news.orcon.net.nz&rnum=1&prev=/groups%3Fnum%3D100%26hl%
3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26q%3D%2522protocol%2B99%2522%2Boutpo
st%2BWinXP%26btnG%3DGoogle%2BSearch
I shall let the erudite folks here draw their own conclusions.
As for me, I am going to dump WinXP as soon as I can arrange some
crucial hardware Linux drivers for my system. I have checked out
Mandrake and RedHat distros and I am leaning towards Mandrake but I
have yet to checkout Suse.
nss
- Next message: Olrik: "Re: You can't leave the theater after Last Passion of Christ and not believe"
- Previous message: informant: "Re: Onideus Mad Hatter has obsessed fan boi's"
- In reply to: Skybuck Flying: "NSA,Windows, etc."
- Next in thread: Skybuck Flying: "Re: NSA,Windows, etc."
- Reply: Skybuck Flying: "Re: NSA,Windows, etc."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
