|
Organisations trying to connect via Port 6346 Dear LW Folks I have recently installed Peer Guardian (V1.99b r14) and found out that my PC is under attack from far more than just criminals and miscreants. Believe it or not PG reported that NASA, Microsoft (UK), a scientific institute and some other sites trying to get into my computer. Now why does these "agencies" and fakers want rummage around inside my (and all of our) PCs? UK Bob |
When I 1st read your post I thought hey ... but I've seen other reports that suggest it's very good. http://www.techzonez.com/forums/showthread.php?t=4160 Crappy Spywares that are spies & supplementary Sneaky devils! http://users.telenet.be/eforum/emoticons4u/evil/661.gif Here's some other comments I read: Tweakers Tip: Block the RIAA PeerGuardian is a free program that hides your file sharing from known RIAA informants. You have a firewall to keep out hackers, so why not have a firewall to keep out the RIAA? If you're running Windows, PeerGuardian does just that. Keep RIAA informants off your case Each time you launch PeerGuardian, it downloads the latest list of known RIAA informants and blocks them from connecting to your computer. The list contains hundreds of known IP-address ranges the RIAA has used to catch file swappers. Does PeerGuardian offer 100 percent protection? No. If an unknown RIAA informant sneaks through, you're still busted. Remember, the best way to not get caught is to not share pirated files. Support the musicians or movies you love and pick up a CD or DVD. Then share it. (Just kidding.) Get PeerGuardian now. It's free! Is a tiny firewall program especially designed for P2P software users PeerGuardian is a tiny firewall program especially designed for P2P software users, but also to anyone who is concerned about the investigations that corporations and authorities perform on the internet. PeerGurdian blocks connections for the configured IP ranges and logs the blocked connections. It uses an online IP database for the blocking, but IP ranges can also be configured manually. Pre-cofigured for blocking are RIAA, MPAA and many others. |
Organisations looking inside your PC Dear LOTR (and others interested in PC Security) I have just gone through my Peer Guardian log and found that the following organisations tried repeatedly, and failed, to connect themselves to my PC: Naval Research Laboratory Stennis Space Center Bay, National Aeronautics and Space Administration (NASA), NHI-NETWORKS-FAKES, City of Halifax, Myrias Computer Technologies Inc Canada, Communications Resources, United States Navy, National Science Foundation, INRIA, FTP Software Inc., MCA, Microsoft London Internet Data Center and RealNetworks Inc. I ask these questions knowing that I will never get an answer but why would NASA, the US Navy, some computer company in Canada, etc. want to look at my PC? What right do they have to try and invade my privacy? It is bad enough that I have to try and protect myself from criminals, phisers and hackers but now I have to protect myself from foreign (US and Canadian) agencies and companies. This just makes me feel sick. UK Bob |
Hmmm surprised here are the results I got: Connection Rejected: 131.107.102.76 - Microsoft Corp trackers 2 AP2P (02-20-2005 @ 09:22:00) Connection Rejected: 12.220.190.60 - National Aeronautics and Space Administration AP2P (02-20-2005 @ 09:32:58) Connection Rejected: 12.220.190.60 - National Aeronautics and Space Administration AP2P (02-20-2005 @ 09:32:58) Connection Rejected: 12.220.198.132 - National Aeronautics and Space Administration AP2P (02-20-2005 @ 09:50:36) Connection Rejected: 199.126.36.102 - City of Halifax CITY-HALIFAX-NS-CA (NET-199-126-28 (02-20-2005 @ 09:59:49) Connection Rejected: 12.214.28.86 - INRIA AP2P (02-20-2005 @ 10:00:02) Connection Rejected: 12.214.28.86 - INRIA AP2P (02-20-2005 @ 10:04:39) Connection Rejected: 12.220.229.154 - Naval Research Laboratory Stennis Space Center Bay (02-20-2005 @ 10:06:13) Connection Rejected: 12.214.45.166 - INRIA AP2P (02-20-2005 @ 10:13:01 Thanks for the tip ukbobboy01:D |
Installing PeerGuardian now:p |
Anyone got a link for PeerGuardian? I googled it but got confusing results. As in didn't see any that were free. |
Here is the link. http://www.methlabs.org/methlabs.htm Just chose the one for your operating system. |
I can't seem to find/pull up perr guardian. |
|
I would say that most of those reports are false alarms. Most of the time those agencies aren't actually trying to connect to your computer. It's probably mostly just port scanning. It is someone on a PG blacklisted IP range ping-sweeping the IP range you are on. It seems that the purpose of that would be to se all of the computers that have port 6346 open. Take a look at this to keep track of what ports are active on your machine. As long as you have a good firewall (ZoneAlarm, Black Ice, Sygate...), PeerGaurdian, and the Active Ports tool you should be safe from prying eyes. Just remember, don't get too alarmed over what you see on the logs of ZoneAlarm or PeerGaurdian. Good luck. deepblue |
Why? deepblue What you have just said has a certain ring of truth and I would like to believe that all these foreign government agencies, local/city authorities, colleges, etc. are just port scanning my IP address (or scanning a range of IP addresses). However, just seeing if you have port 6346 open doesn't seem to tell the whole story because if my port is open then what business is it of theirs? It seems to me that the reason for port scanning is just not only to see if ports are open but to look for vulnerable PCs to infect with a Trojan, that way your activities can be monitored and a report sent back to the Trojan's originator. Port scanning for port scanning sake makes no real sense for statistical purposes only, therefore I feel that there must be some other motive behind their constant port scanning activities. Finally, I will take your advice and not get too alarmed by what my various logs tell me, now that I have PeerGuardian. UK Bob |
Yes there is. They port scan to find IP addresses with port 6346 open. Any computer that returns a SYN/ACK or ACK packet (or an RST, PSH, or FIN packet depending on the type of scanning they are using) gets thier IP address added to a list. From there it can be used for just about anything. The agencies can use it see how many files you are sharing, and what they are. Or they can use the open port to deliver advertisments, spyware, or even gain unauthorized access to your computer. The job of a firewall and PG are to close/monitor open ports, and block all incoming TCP packets from prying agencies. I hope this helps. deepblue |
Port Scanning and Malware Planting. Dear All Over the past few days (21, 22 April) the PeerGuardian block list server was down, at the time I did not realise this and started my usual (early) weekend P2P-ing Friday morning I noticed that MS AntiSpyware found five instances of NS Keylogger on my PC, two of those instances I now believe were false positives (uninstallers): C:\Program Files\PeerGuardian2\unins000.exe C:\Program Files\SpywareBlaster\unins000.exe However, the other three instances cannot be dismissed as easily, leading me to suspect that one of those "agencies" that are constantly crawling down the 6346 port, and are usually kept out by PG2, probably planted this keylogger. I believe I made a silly mistake in not realising that the block lists that my copy of PG2 used were solely online, so when the PeerGuardian server went offline, a window of vulnerability opened on my PC. I have now nailed this window shut, and in order to protect my PC, by updating my PG2 with locally installed block lists (from Blocklist.org) now I am no longer dependant on the online lists as I was (unknowingly) before. UK Bob |
Hi Peerguardian sounds interesting but a question ? can I use it alongside my McAfee Firewall. Your help would be appreciated. hitbit |
PeerGuardian & Firewall Hitbit I use PeerGuardian along side Norton Personal Firewall 2005 so there should be no problem with McAfee or any other Firewall. UK Bob |
Perhaps its like a hole in a fence to them. They can't pass that hole without having a look. Seriously these people probably spy all the time if only to eliminate us from their inquiries hitbit |
PG w/ McAfee Quote:
|
I have been using PG for some time now and have seen similar organizations being blocked from port 6346.Could it be someone inside the organization trying to use Limewire as we are and being blocked because of the ip address?For example someone from the City of Thunder Bay,ON Canada has continually tried to connect to my port and been blocked. I don't think the RIAA has any spies in Thunder Bay its just that all cities are on the blocklist. I have been using PG for over a year and continued to use the original program through their dispute over ownership. I see this mess is resolved now, is my PG up to date or do I need to download a new program? Thanks Dan Also I use PG alongside Sygate and it works fine |
Dan Quote:
However, PG2 is now available so, I guess, that is the one you should be now using. UK Bob |
Interestingly PeerGaurdian does an excellent job of blocking my access to this website. |
try allowing HTTP-top right hand corner of PG |
maybe they just wanted to download some new tunes.. :p |
LOTR. and all, noted comments and tried the link to 'techzonez.com thread etc' and zone alarm blocked it saying it was a 'spy site' irony here somewhere? What can we trust? Lotr, thought u might like to know this info. (Will try Peer Gaurdian i expect tho) |
Quote:
|
Lotr Linked to site ok, started reading, Alert came up after15 secs or so, then blocked by Spysite blocker on ZAlarm,just thought it odd,so passed it on? PS thanks for help in the past. Newbee2 |
| All times are GMT -7. The time now is 09:43 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.0 ©2011, Crawlability, Inc.
Copyright © 2020 Gnutella Forums.
All Rights Reserved.