«

WTF is Windows Vista doing sending unauthorised packets to a University in
Asia?.

Right, so I upgrade my mate's kids computer to Vista from ME. No sooner than
it reboots the hub lights up. Hello methinks. This happened to Win2K also.
So I have a look at the log file on the Linux firewall/gateway and it
appears that Vista is trying to connect with 221.9.142.91.

(A few years ago a simillar thing happened with Win2K, except that the IP
number it tried to send data to was 165.246.99.95.)

If Windows security wasn't so seriously flawed it would be a joke.

Peter

In message <>, pedwin wrote:

> If Windows security wasn't so seriously flawed it would be a joke.

Would you say I was overreacting if I claimed that only a fool would use
such a system for internet banking?

pedwin wrote:
> WTF is Windows Vista doing sending unauthorised packets to a University in
> Asia?.
>
> Right, so I upgrade my mate's kids computer to Vista from ME. No sooner than
> it reboots the hub lights up. Hello methinks. This happened to Win2K also.
> So I have a look at the log file on the Linux firewall/gateway and it
> appears that Vista is trying to connect with 221.9.142.91.
>
> (A few years ago a simillar thing happened with Win2K, except that the IP
> number it tried to send data to was 165.246.99.95.)
>
> If Windows security wasn't so seriously flawed it would be a joke.
>
> Peter

NTP ?
Windowsupdate ?

Port number ?
Protocol?

Tried capturing the packets ?

pedwin wrote:
> WTF is Windows Vista doing sending unauthorised packets to a University in
> Asia?.
>
> Right, so I upgrade my mate's kids computer to Vista from ME. No sooner than
> it reboots the hub lights up. Hello methinks. This happened to Win2K also.
> So I have a look at the log file on the Linux firewall/gateway and it
> appears that Vista is trying to connect with 221.9.142.91.
>
> (A few years ago a simillar thing happened with Win2K, except that the IP
> number it tried to send data to was 165.246.99.95.)
>
> If Windows security wasn't so seriously flawed it would be a joke.

Perhaps it was already there, only inactive since ME is so out of date
that its not funny, and it only started to run once you had a more
current OS on it with the library's that the virus/whatever required?

Did you check it before upgrading? Anyway, a machine that came with ME
is probably in no position to run vista...

On 2007-08-18, Lawrence D'Oliveiro <_zealand> wrote:
> In message <>, pedwin wrote:
>
>> If Windows security wasn't so seriously flawed it would be a joke.
>
> Would you say I was overreacting if I claimed that only a fool would use
> such a system for internet banking?

Even the banks have latched onto this idea. For they say that they will not
pay until one has proven to their satisfaction that *your* system did not
cause the sucessful raid on your bank account

"pedwin" <> wrote in message
news:...
> WTF is Windows Vista doing sending unauthorised packets to a University in
> Asia?.
>
> Right, so I upgrade my mate's kids computer to Vista from ME. No sooner
> than
> it reboots the hub lights up. Hello methinks. This happened to Win2K also.
> So I have a look at the log file on the Linux firewall/gateway and it
> appears that Vista is trying to connect with 221.9.142.91.
>
> (A few years ago a simillar thing happened with Win2K, except that the IP
> number it tried to send data to was 165.246.99.95.)
>
> If Windows security wasn't so seriously flawed it would be a joke.
>
> Peter
>

Thanks to google, it seems like someone with a similar handle and problem
description to yours (new windows box, linux firewall) has had problems
with that same 221.9.142.91 address in May 2006, well before Vista was
released.

http://www.webservertalk.com/archive...5-1500222.html
http://linux.hostweb.com/TopicMessag...1/Default.aspx

Maybe there's something else in your network that is infected, perhaps it's
the common factor between the May 2006 problems and your current problems -
the Linux firewall ?


PC

"pedwin" <> wrote in message
news:...
> WTF is Windows Vista doing sending unauthorised packets to a University in
> Asia?.
>
> Right, so I upgrade my mate's kids computer to Vista from ME. No sooner
> than
> it reboots the hub lights up. Hello methinks. This happened to Win2K also.
> So I have a look at the log file on the Linux firewall/gateway and it
> appears that Vista is trying to connect with 221.9.142.91.
>
> (A few years ago a simillar thing happened with Win2K, except that the IP
> number it tried to send data to was 165.246.99.95.)
>
> If Windows security wasn't so seriously flawed it would be a joke.
>
> Peter

Good try, but only proves that you and computers don't mix very well at all.

You weren't working on a new computer out of the box at all.
The computer has been connected to the God knows for how many years.

More fool you for upgrading an old computer that was working well enough as
it was.

E. Scrooge

pedwin wrote:
> WTF is Windows Vista doing sending unauthorised packets to a University in
> Asia?.
>
> Right, so I upgrade my mate's kids computer to Vista from ME. No sooner than
> it reboots the hub lights up. Hello methinks. This happened to Win2K also.
> So I have a look at the log file on the Linux firewall/gateway and it
> appears that Vista is trying to connect with 221.9.142.91.
>
> (A few years ago a simillar thing happened with Win2K, except that the IP
> number it tried to send data to was 165.246.99.95.)
>
> If Windows security wasn't so seriously flawed it would be a joke.
>
> Peter

China? one has to wonder on upgrading ME to Vista....did you have a
legal copy?

;]

inetnum: 221.8.0.0 - 221.9.255.255
netname: CNCGROUP-JL
descr: No.156,Fu-Xing-Men-Nei Street,
descr: CNC Group JILIN province network
descr: China Network Communications Group Corporation
descr: No.156,Fu-Xing-Men-Nei Street,
descr: Beijing 100031
country: CN


route: 221.8.0.0/15
descr: CNC Group CHINA169 Jilin Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR

source: APNIC

role: CNCGroup Hostmaster
address: No.156,Fu-Xing-Men-Nei Street,
address: Beijing,100031,P.R.China

It is possible there was a legal DNS lookup and in fact the DNS was
poisoned to give that IP, and there could be other possibilities. ie you
really need to pick up the complete stream to figure out what was really
going on...

regards

Thing

> Right, so I upgrade my mate's kids computer to Vista from ME.

Uhuh. Not that a 7 year old PC would be capable of running it, but:

"Microsoft Vista Home Premium Upgrade. Upgrade from your current edition of
Microsoft Windows XP or Windows 2000 (including Windows XP Professional, Windows
XP Home, Windows XP Media Center, Windows XP Tablet PC, Windows XP Professional
x64, Windows 2000)."

ME appears to be missing.

Cima wrote:
>
>> Right, so I upgrade my mate's kids computer to Vista from ME.
>
> Uhuh. Not that a 7 year old PC would be capable of running it, but:
>
> "Microsoft Vista Home Premium Upgrade. Upgrade from your current edition of
> Microsoft Windows XP or Windows 2000 (including Windows XP Professional, Windows
> XP Home, Windows XP Media Center, Windows XP Tablet PC, Windows XP Professional
> x64, Windows 2000)."
>
> ME appears to be missing.

You are right, ME won't upgrade to Vista.
http://www.microsoft.com/windows/pro...radepaths.mspx