Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > IE Browser redirection

Reply
Thread Tools

IE Browser redirection

 
 
Del Reedy
Guest
Posts: n/a
 
      07-17-2004
Hi

I'm having a problem with IE6.

When I attempt to connect to any website with IE6, at the bottom
it says "attempting to connect to 127.0.0.1", then I get the error:
"The page cannot be displayed"

After doing some google research I think this is possibly the result of
of a partially uninstalled pop-up blocking program (which I wouldn't
know the name of).

There is a registry entry (below) which I think directs all of Internet
Explorer's http requests to a proxy server on the localhost. Although
nothing seems to be listening on 8080, which explains the blank page.

Hijackthis shows the following entry

HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer
= http=localhost:8080

Which I suspect is the reason why, when I open IE it tries to connect to
127.0.0.1.

If I delete the registry entry above it gets written back the next time I
open IE.

If I delete the entry above and immediately rescan with hijackthis a few new
ones appear:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SU B_PVER}&ar=home
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
Settings,ProxyOverride = <local>

Even if I delete the new ones, later when I run IE the original one will get
written back.

So the problem is that I can't seem to get rid of this entry, and it's
driving me crazy.

HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer
= http=localhost:8080

What can I do to prevent this or discover the program that is changing the
registry entries?

Thanks in advance.


 
Reply With Quote
 
 
 
 
Dave
Guest
Posts: n/a
 
      07-17-2004
this is probably because there is a program running that replaces the
registry keys as fast as you delete them. scan some more, use other
programs, you need to find the malware that is writing the registry keys,
they don't just show up on their own.

"Del Reedy" <(E-Mail Removed)> wrote in message
news:ijgKc.1746$(E-Mail Removed) k.net...
> Hi
>
> I'm having a problem with IE6.
>
> When I attempt to connect to any website with IE6, at the bottom
> it says "attempting to connect to 127.0.0.1", then I get the error:
> "The page cannot be displayed"
>
> After doing some google research I think this is possibly the result of
> of a partially uninstalled pop-up blocking program (which I wouldn't
> know the name of).
>
> There is a registry entry (below) which I think directs all of Internet
> Explorer's http requests to a proxy server on the localhost. Although
> nothing seems to be listening on 8080, which explains the blank page.
>
> Hijackthis shows the following entry
>
> HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet

Settings,ProxyServer
> = http=localhost:8080
>
> Which I suspect is the reason why, when I open IE it tries to connect to
> 127.0.0.1.
>
> If I delete the registry entry above it gets written back the next time I
> open IE.
>
> If I delete the entry above and immediately rescan with hijackthis a few

new
> ones appear:
>
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
>

http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SU B_PVER}&ar=home
> R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
> R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
> Settings,ProxyOverride = <local>
>
> Even if I delete the new ones, later when I run IE the original one will

get
> written back.
>
> So the problem is that I can't seem to get rid of this entry, and it's
> driving me crazy.
>
> HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet

Settings,ProxyServer
> = http=localhost:8080
>
> What can I do to prevent this or discover the program that is changing the
> registry entries?
>
> Thanks in advance.
>
>



 
Reply With Quote
 
 
 
 
Courtney
Guest
Posts: n/a
 
      07-17-2004
Del Reedy wrote:
> Hi
>
> I'm having a problem with IE6.
>
> When I attempt to connect to any website with IE6, at the bottom
> it says "attempting to connect to 127.0.0.1", then I get the error:
> "The page cannot be displayed"
>
> After doing some google research I think this is possibly the result of
> of a partially uninstalled pop-up blocking program (which I wouldn't
> know the name of).
>
> There is a registry entry (below) which I think directs all of Internet
> Explorer's http requests to a proxy server on the localhost. Although
> nothing seems to be listening on 8080, which explains the blank page.
>
> Hijackthis shows the following entry
>
> HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer
> = http=localhost:8080
>
> Which I suspect is the reason why, when I open IE it tries to connect to
> 127.0.0.1.
>
> If I delete the registry entry above it gets written back the next time I
> open IE.
>
> If I delete the entry above and immediately rescan with hijackthis a few new
> ones appear:
>
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SU B_PVER}&ar=home
> R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
> R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
> Settings,ProxyOverride = <local>
>
> Even if I delete the new ones, later when I run IE the original one will get
> written back.
>
> So the problem is that I can't seem to get rid of this entry, and it's
> driving me crazy.
>
> HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer
> = http=localhost:8080
>
> What can I do to prevent this or discover the program that is changing the
> registry entries?
>
> Thanks in advance.
>
>

Open IE and go to Tools, Internet Options, Connections, LAN Settings.
Make sure all boxes and checkboxes are cleared.

courtney sends....
 
Reply With Quote
 
Duane Arnold
Guest
Posts: n/a
 
      07-17-2004
>
> What can I do to prevent this or discover the program that is changing
> the registry entries?
>


If you suspect it's a program or malware that's doing it, then using
Process Explorer and looking at running processes and what's running inside
a running process may help you pin point the culprit.

http://www.devhood.com/tools/tool_de...px?tool_id=743

http://www.windowsecurity.com/articl...n_Horses_and_R
ootkit_Tools_in_a_Windows_Environment.html

Duane
 
Reply With Quote
 
Lawrence Abrams
Guest
Posts: n/a
 
      07-17-2004
"Del Reedy" <(E-Mail Removed)> wrote in message
news:ijgKc.1746$(E-Mail Removed) k.net...
> Hi
>
> I'm having a problem with IE6.
>
> When I attempt to connect to any website with IE6, at the bottom
> it says "attempting to connect to 127.0.0.1", then I get the error:
> "The page cannot be displayed"
>
> After doing some google research I think this is possibly the result of
> of a partially uninstalled pop-up blocking program (which I wouldn't
> know the name of).


Please follow these steps in order to clean your computer of Malware which
can include Viruses, Trojans, Worms, Spyware, Hijackers and Dialers.

Step 1:
Download Spybot and Adaware from the following locations and install them.
You should run both programs and clean up what it finds. This is to
gaurantee that you find the most malware you can installed on your computer.

Before running the scans on both programs, it is mandatory that you update
the programs. There are update options in each program when you run them.

Spybot
http://www.safer-networking.org/index.php?page=download

Ad-Aware
http://www.lavasoftusa.com/software/adaware/

If you would like to learn more about how to use these two programs with the
proper settings you can read the tutorials below:

AD-AWARE Tutorial
http://www.bleepingcomputer.com/foru...howtutorial=48

SPYBOT SEARCH AND DESTROY Tutorial
http://www.bleepingcomputer.com/foru...howtutorial=43

When you scan with both programs, fix everything that it finds.

When you are done with the scan and fixing the items. Please continue with
the next step.

Step 2:

It is important that you run Spybot and Adaware before you proceed with this
step. Fixing enties with Hijackthis may leave behind unwanted files on your
computer if the previous step was not done first.

Create a directory on your hardrive to save HijackThis.exe. A directory
like c:\hijackthis. If you do not do this, you will not be able to use the
backup/restore features.

Download HijackThis from:

http://www.spywareinfo.com/~merijn/files/hijackthis.zip

Save this file into the directory you made previously and then run the
program. Click on the Scan button and when it is finished click on the Save
Log button. A Notepad window will open with the contents of this log. Click
on Edit then click on Select all. Then click on Edit and then Click on
Copy.

Register an account at http://www.bleepingcomputer.com and post this created
log into the Hijackthis Logs forum at that site. To do this, once you are
registered, create a new post, right click in message area and select paste
to paste the log into the post.

An expert will reply to you after reading this post. DO NOT fix any entries
unless you are absolutely sure you know what you are doing as you may cause
more damage to the system

To see a tutorial on using HijackThis you can click on the link below.

http://www.bleepingcomputer.com/foru...howtutorial=42

--
Lawrence Abrams
http://www.bleepingcomputer.com
Source for Original Content, Tutorials, and Support for the beginning
computer user.


 
Reply With Quote
 
Jim
Guest
Posts: n/a
 
      07-17-2004
"Lawrence Abrams" <grinler-AT=bleepingcomputer.com> wrote in
news:(E-Mail Removed):

> Download HijackThis from:
>
> http://www.spywareinfo.com/~merijn/files/hijackthis.zip


"The requested URL /~merijn/files/hijackthis.zip was not found on
this server."

I did find it at

http://www.majorgeeks.com/download3155.html

however.

Jim
 
Reply With Quote
 
Leythos
Guest
Posts: n/a
 
      07-18-2004
I hate to say this, as I make a living designing MS Networks for
businesses and run my own business on MS servers/products, but, after
this being the fifth time I'm going to have to wipe/reinstall my mother-
inlaws computer (WinXP, AV, Firewall, IE 6, Router, etc...) I've decided
to move her (and others like her) to the linux platform.

Since she only does email, browses, quicken, and a couple other things
on her home computer, I don't think there is anything that SUSE 9.1
Personal can't deliver. In looking at CodeWeavers "CrossOver Office"
package, I may even be able to run Office 2000 on her PC along with
Quicken.

I'm sticking with MS for my own company and clients, where I can control
the environment, but if I can swing it, it's going to be Linux (SUSE 9.1
or Fedora 2) for non-technical users.

--
--
http://www.velocityreviews.com/forums/(E-Mail Removed)
(Remove 999 to reply to me)
 
Reply With Quote
 
Duane Arnold
Guest
Posts: n/a
 
      07-18-2004
Leythos <(E-Mail Removed)> wrote in news:MPG.1b63a33769aa951898a7ae@news-
server.columbus.rr.com:

> I hate to say this, as I make a living designing MS Networks for
> businesses and run my own business on MS servers/products, but, after
> this being the fifth time I'm going to have to wipe/reinstall my

mother-
> inlaws computer (WinXP, AV, Firewall, IE 6, Router, etc...) I've

decided
> to move her (and others like her) to the linux platform.
>
> Since she only does email, browses, quicken, and a couple other things
> on her home computer, I don't think there is anything that SUSE 9.1
> Personal can't deliver. In looking at CodeWeavers "CrossOver Office"
> package, I may even be able to run Office 2000 on her PC along with
> Quicken.
>
> I'm sticking with MS for my own company and clients, where I can

control
> the environment, but if I can swing it, it's going to be Linux (SUSE

9.1
> or Fedora 2) for non-technical users.
>


Well, I went even further than that with my Mom as I had given her a
laptop with Win 2K on it using a dial-up connection. All she was doing
was email and nothing else. After having the machine UPS-ed a couple of
times with me eating the bill to disinfect it or wipe it clean or several
long phone conversations with other family members about Mom's computer,
I asked her did she want it back this last time and the answer was *NO*
she had fun with it and it was over. To be honest, I had with the whole
situation. Yes, I understand where you're coming from on this and non-
technical family members and the MS O/S.

Hopefully, MS will get the home environment under control and close the
O/S down on future releases of the MS O/S. I think they should completely
segregate the O/S in the future. One for business and one for home usage
as a solution that can be implemented as a lot of the features on the O/S
are not needed by the home user that are being exploited.

Duane


 
Reply With Quote
 
Leythos
Guest
Posts: n/a
 
      07-18-2004
In article <Xns9529DB2EDCFB7notmenotmecom@63.240.76.16>, (E-Mail Removed)
says...
> Leythos <(E-Mail Removed)> wrote in news:MPG.1b63a33769aa951898a7ae@news-
> server.columbus.rr.com:
>
> > I hate to say this, as I make a living designing MS Networks for
> > businesses and run my own business on MS servers/products, but, after
> > this being the fifth time I'm going to have to wipe/reinstall my

> mother-
> > inlaws computer (WinXP, AV, Firewall, IE 6, Router, etc...) I've

> decided
> > to move her (and others like her) to the linux platform.
> >
> > Since she only does email, browses, quicken, and a couple other things
> > on her home computer, I don't think there is anything that SUSE 9.1
> > Personal can't deliver. In looking at CodeWeavers "CrossOver Office"
> > package, I may even be able to run Office 2000 on her PC along with
> > Quicken.
> >
> > I'm sticking with MS for my own company and clients, where I can

> control
> > the environment, but if I can swing it, it's going to be Linux (SUSE

> 9.1
> > or Fedora 2) for non-technical users.
> >

>
> Well, I went even further than that with my Mom as I had given her a
> laptop with Win 2K on it using a dial-up connection. All she was doing
> was email and nothing else. After having the machine UPS-ed a couple of
> times with me eating the bill to disinfect it or wipe it clean or several
> long phone conversations with other family members about Mom's computer,
> I asked her did she want it back this last time and the answer was *NO*
> she had fun with it and it was over. To be honest, I had with the whole
> situation. Yes, I understand where you're coming from on this and non-
> technical family members and the MS O/S.
>
> Hopefully, MS will get the home environment under control and close the
> O/S down on future releases of the MS O/S. I think they should completely
> segregate the O/S in the future. One for business and one for home usage
> as a solution that can be implemented as a lot of the features on the O/S
> are not needed by the home user that are being exploited.


Duane, don't get me wrong, I've never had a virus on any computer that
we directly manage, no spyware on any of our company computers, etc...
The thing is that we filter all web traffic, block sites based on
content types, block attachments types in emails, block downloads (by
type) from HTTP, etc... You just can't do that with a router that most
home users are using.

I've been reading about all the different versions of Nix, and it
appears that SUSE 9.1 Personal with WINE (the CrossOver product) will
still let her run MS Office XP Professional and Quicken, I'm trying it
this weekend.

She needs a computer in order to do some of the side work she does at
home (accounting), so I can't not give her a computer.

As for Dial-Up, it's no different than DSL/Cable/T1, it's still a real
connection with a public IP to the internet - it's just as easy to hack,
just slower. If you don't firewall a dial-up you get hacked - We had a
ColdFusion developer call us about his system being compromised, he was
on dial-up and thought that Dial-Up made it safe

--
--
(E-Mail Removed)
(Remove 999 to reply to me)
 
Reply With Quote
 
%$
Guest
Posts: n/a
 
      07-19-2004

***Special CONFIRMED Report. ****Assassins; who put Al-Qaeda to Shame.
The Number three most powerful man , after Dick Cheney & G.W. BUSH .

ALL Ariel Sharon's servants , Thugs & Murderers.

Karl ROVE & Ariel Sharon banking on their Syrian killers & Murderers &
Special Syrian Assassins of Assef Shawkat & Roustom Ghazali Working for
Sharon and the NEOCONS.
Special ICC Investigation; The Hague NL. & Belgium .

http://www.onlinejournal.com/Special...104madsen.html


Karl Rove's White House " Murder, Inc."

By Wayne Madsen .
Online Journal Contributing Writer .



JULY, 2004- On September 15, 2001, just four days after the 9-11 attacks,
CIA Director George Tenet provided President [sic] Bush with a Top Secret
"Worldwide Attack Matrix"-a virtual license to kill targets deemed to be a
threat to the United States in some 80 countries around the world. The Tenet
plan, which was subsequently approved by Bush, essentially reversed the
executive orders of four previous U.S. administrations that expressly
prohibited political assassinations.

According to high level European intelligence officials, Bush's counselor,
Karl Rove, used the new presidential authority to silence a popular Lebanese
Christian politician who was planning to offer irrefutable evidence that
Israeli Prime Minister Ariel Sharon authorized the massacre of hundreds of
Palestinian men, women, and children in the Beirut refugee camps of Sabra
and Shatilla in 1982. In addition, Sharon provided the Lebanese forces who
carried out the grisly task. At the time of the massacres, Elie Hobeika was
intelligence chief of Lebanese Christian forces in Lebanon who were battling
Palestinians and other Muslim groups in a bloody civil war. He was also the
chief liaison to Israeli Defense Force (IDF) personnel in Lebanon. An
official Israeli inquiry into the massacre at the camps, the Kahan
Commission, merely found Sharon "indirectly" responsible for the slaughter
and fingered Hobeika as the chief instigator.

The Kahan Commission never called on Hobeika to offer testimony in his
defense. However, in response to charges brought against Sharon before a
special war crimes court in Belgium, Hobeika was urged to testify against
Sharon, according to well-informed Lebanese sources. Hobeika was prepared to
offer a different version of events than what was contained in the Kahan
report. A 1993 Belgian law permitting human rights prosecutions was unusual
in that non-Belgians could be tried for violations against other
non-Belgians in a Belgian court. Under pressure from the Bush
administration, the law was severely amended and the extra territoriality
provisions were curtailed.

Hobeika headed the Lebanese forces intelligence agency since the mid- 1970s
and he soon developed close ties to the CIA. He was a frequent visitor to
the CIA's headquarters at Langley, Virginia. After the Syrian invasion of
Lebanon in 1990, Hobeika held a number of cabinet positions in the Lebanese
government, a proxy for the Syrian occupation authorities. He also served in
the parliament. In July 2001, Hobeika called a press conference and
announced he was prepared to testify against Sharon in Belgium and revealed
that he had evidence of what actually occurred in Sabra and Shatilla.
Hobeika also indicated that Israel had flown members of the South Lebanon
Army (SLA) into Beirut International Airport in an Israeli Air Force C130
transport plane. In full view of dozens of witnesses, including members of
the Lebanese army and others, SLA troops under the command of Major Saad
Haddad were slipped into the camps to commit the massacres. The SLA troops
were under the direct command of Ariel Sharon and an Israeli Mossad agent
provocateur named Rafi Eitan. Hobeika offered evidence that a former U.S.
ambassador to Lebanon was aware of the Israeli plot. In addition, the IDF
had placed a camera in a strategic position to film the Sabra and Shatilla
massacres. Hobeika was going to ask that the footage be released as part of
the investigation of Sharon.

After announcing he was willing to testify against Sharon, Hobeika became
fearful for his safety and began moves to leave Lebanon. Hobeika was not
aware that his threats to testify against Sharon had triggered a series of
fateful events that reached well into the White House and Sharon's office.

On January 24, 2002, Hobeika's car was blown up by a remote controlled bomb
placed in a parked Mercedes along a street in the Hazmieh section of Beirut.
The bomb exploded when Hobeika and his three associates, Fares Souweidan,
Mitri Ajram, and Waleed Zein, were driving their Range Rover past the
TNT-laden Mercedes at 9:40 am Beirut time. The Range Rover's four passengers
were killed in the explosion. In case Hobeika's car had taken another route
through the neighborhood, two additional parked cars, located at two other
choke points, were also rigged with TNT. The powerful bomb wounded a number
of other people on the street. Other parked cars were destroyed and
buildings and homes were damaged. The Lebanese president, prime minister,
and interior minister all claimed that Israeli agents were behind the
attack.

It is noteworthy that the State Department's list of global terrorist
incidents for 2002 worldwide failed to list the car bombing attack on
Hobeika and his party. The White House wanted to ensure the attack was
censored from the report. The reason was simple: the attack ultimately had
Washington's fingerprints on it.

High level European intelligence sources now report that Karl Rove
personally coordinated Hobeika's assassination. The hit on Hobeika employed
Syrian intelligence agents. Syrian President Bashar Assad was trying to
curry favor with the Bush administration in the aftermath of 9-11 and was
more than willing to help the White House. In addition, Assad's father,
Hafez Assad, had been an ally of Bush's father during Desert Storm, a period
that saw Washington give a "wink and a nod" to Syria's occupation of
Lebanon. Rove wanted to help Sharon avoid any political embarrassment from
an in absentia trial in Brussels where Hobeika would be a star witness. Rove
and Sharon agreed on the plan to use Syrian Military Intelligence agents to
assassinate Hobeika. Rove saw Sharon as an indispensable ally of Bush in
ensuring the loyalty of the Christian evangelical and Jewish voting blocs in
the United States. Sharon saw the plan to have the United States coordinate
the hit as a way to mask all connections to Jerusalem.

The Syrian hit team was ordered by Assef Shawkat, the number two man in
Syrian military intelligence and a good friend and brother in law of Syrian
President Bashar Assad. Assad's intelligence services had already cooperated
with U.S. intelligence in resorting to unconventional methods to extract
information from al Qaeda detainees deported to Syria from the United States
and other countries in the wake of 9-11. The order to take out Hobeika was
transmitted by Shawkat to Roustom Ghazali, the head of Syrian military
intelligence in Beirut. Ghazali arranged for the three remote controlled
cars to be parked along Hobeika's route in Hazmieh; only few hundred yards
from the Barracks of Syrian Special Forces which are stationed in the area
near the Presidential palace , the ministry of Defense and various
Government and officers quarters . This particular area is covered 24/7 by a
very sophisticated USA multi-agency surveillance system to monitor Syrian
and Lebanese security activities and is a " Choice " area to live in for its
perceived high security .

The plan to kill Hobeika had all the necessary caveats and built-in denial
mechanisms. If the Syrians were discovered beforehand or afterwards, Karl
Rove and his associates in the Pentagon's Office of Special Plans would be
ensured plausible deniability.

Hobeika's CIA intermediary in Beirut, a man only referred to as "Jason" by
Hobeika, was a frequent companion of the Lebanese politician during official
and off-duty hours. During Hobeika's election campaigns for his
parliamentary seat, Jason was often in Hobeika's office offering support and
advice. After Hobeika's assassination, Jason became despondent over the
death of his colleague. Eventually, Jason disappeared abruptly from Lebanon
and reportedly later emerged in Pakistan.

Karl Rove's involvement in the assassination of Hobeika may not have been
the last "hit" he ordered to help out Sharon. In March 2002, a few months
after Hobeika's assassination, another Lebanese Christian with knowledge of
Sharon's involvement in the Sabra and Shatilla massacres was gunned down
along with his wife in Sao Paulo, Brazil. A bullet fired at Michael Nassar's
car flattened one of his tires. Nassar pulled into a gasoline station for
repairs. A professional assassin, firing a gun with a silencer, shot Nassar
and his wife in the head, killing them both instantly. The assailant fled
and was never captured. Nassar was also involved with the Phalange militia
at Sabra and Shatilla. Nassar was also reportedly willing to testify against
Sharon in Belgium and, as a nephew of SLA Commander General Antoine Lahd,
may have had important evidence to bolster Hobeika's charge that Sharon
ordered SLA forces into the camps to wipe out the Palestinians.

Based on what European intelligence claims is concrete intelligence on
Rove's involvement in the assassination of Hobeika, the Bush administration
can now add political assassination to its laundry list of other misdeeds,
from lying about the reasons to go to war to the torture tactics in
violation of the Geneva Conventions that have been employed by the Pentagon
and "third country" nationals at prisons in Iraq and Guantanamo Bay.

Wayne Madsen is a Washington, DC-based investigative journalist and
columnist. He served in the National Security Agency (NSA) during the Reagan
administration and wrote the introduction to Forbidden Truth. He is the
co-author, with John Stanton, of "America's Nightmare: The Presidency of
George Bush II." His forthcoming book is titled: "Jaded Tasks: Big Oil,
Black Ops, and Brass Plates." Madsen can be reached at:
(E-Mail Removed)

This is some of the evidence for you and for the World ....


~~~encrypted/logs/access ~~~

Not to mention hundreds of private companies and governments. Anyway...
Lines 10-36
of my logfiles show a lot of interest in this article:

# grep sid=1052 /encrypted/logs/access_log|awk '{print $1,$7}'|sed -n
'10,36p'

spb-213-33-248-190.sovintel.ru /modules.php?name=News&file=article&sid=1052
ext1.shape.nato.int /modules.php?name=News&file=article&sid=1052
server1.namsa.nato.int /modules.php?name=News&file=article&sid=1052
ns1.saclantc.nato.int /modules.php?name=News&file=article&sid=1052
bxlproxyb.europarl.eu.int /modules.php?name=News&file=article&sid=1052
wdcsun18.usdoj.gov /modules.php?name=News&file=article&sid=1052
wdcsun21.usdoj.gov /modules.php?name=News&file=article&sid=1052
tcs-gateway11.treas.gov /modules.php?name=News&file=article&sid=1052
tcs-gateway13.treas.gov /modules.php?name=News&file=article&sid=1052
relay1.ucia.gov /modules.php?name=News&file=article&sid=1052
relay2.cia.gov /modules.php?name=News&file=article&sid=1052
relay2.ucia.gov /modules.php?name=News&file=article&sid=1052
n021.dhs.gov /modules.php?name=News&file=article&sid=1052
legion.dera.gov.uk /modules.php?name=News&file=article&sid=1052
gateway-fincen.uscg.mil /modules.php?name=News&file=article&sid=1052
crawler2.googlebot.com /modules.php?name=News&file=article&sid=1052
crawler1.googlebot.com /modules.php?name=News&file=article&sid=1052
gateway101.gsi.gov.uk /modules.php?name=News&file=article&sid=1052
gate11-quantico.nmci.usmc.mil /modules.php?name=News&file=article&sid=1052
gate13-quantico.nmci.usmc.mil /modules.php?name=News&file=article&sid=1052
fw1-a.osis.gov /modules.php?name=News&file=article&sid=1052
crawler13.googlebot.com /modules.php?name=News&file=article&sid=1052
fw1-b.osis.gov /modules.php?name=News&file=article&sid=1052
bouncer.nics.gov.uk /modules.php?name=News&file=article&sid=1052
beluha.ssu.gov.ua /modules.php?name=News&file=article&sid=1052
zukprxpro02.zreo.compaq.com
/modules.php?name=News&file=article&sid=1052....


To be continued ....

HOLLYWOOD FL.... ATTA & Aris2Chatton
DENVER CO
ART STUDENTS...
MOOVERS INC.@IL
Lakam & Mr.X.
Etc. Etc.




















 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
mobile browser detection and redirection Carlos ASP .Net 4 08-11-2009 08:28 AM
Perl redirection to browser timeout ... JKH Perl Misc 3 11-17-2006 11:03 PM
browser detection and redirection jaydev HTML 41 10-27-2006 02:53 PM
browser detection and redirection jaydev ASP .Net 1 10-23-2006 08:53 PM
browser detection and redirection jaydev ASP .Net Web Services 0 10-23-2006 08:31 PM



Advertisments