infected out of the box

Discussion in 'NZ Computing' started by pedwin, Aug 18, 2007.

  1. pedwin

    pedwin Guest

    WTF is Windows Vista doing sending unauthorised packets to a University in
    Asia?.

    Right, so I upgrade my mate's kids computer to Vista from ME. No sooner than
    it reboots the hub lights up. Hello methinks. This happened to Win2K also.
    So I have a look at the log file on the Linux firewall/gateway and it
    appears that Vista is trying to connect with 221.9.142.91.

    (A few years ago a similar thing happened with Win2K, except that the IP
    number it tried to send data to was 165.246.99.95.)

    If Windows security wasn't so seriously flawed it would be a joke.

    :)Peter
    pedwin, Aug 18, 2007
    #1

  2. In message <>, pedwin wrote:

    > If Windows security wasn't so seriously flawed it would be a joke.


    Would you say I was overreacting if I claimed that only a fool would use
    such a system for internet banking?
    Lawrence D'Oliveiro, Aug 18, 2007
    #2

  3. pedwin wrote:
    > WTF is Windows Vista doing sending unauthorised packets to a University in
    > Asia?.
    >
    > Right, so I upgrade my mate's kids computer to Vista from ME. No sooner than
    > it reboots the hub lights up. Hello methinks. This happened to Win2K also.
    > So I have a look at the log file on the Linux firewall/gateway and it
    > appears that Vista is trying to connect with 221.9.142.91.
    >
    > (A few years ago a similar thing happened with Win2K, except that the IP
    > number it tried to send data to was 165.246.99.95.)
    >
    > If Windows security wasn't so seriously flawed it would be a joke.
    >
    > :)Peter


    NTP ?
    Windowsupdate ?

    Port number ?
    Protocol?

    Tried capturing the packets ?
    Mark Robinson, Aug 18, 2007
    #3
  4. pedwin

    Richard Guest

    pedwin wrote:
    > WTF is Windows Vista doing sending unauthorised packets to a University in
    > Asia?.
    >
    > Right, so I upgrade my mate's kids computer to Vista from ME. No sooner than
    > it reboots the hub lights up. Hello methinks. This happened to Win2K also.
    > So I have a look at the log file on the Linux firewall/gateway and it
    > appears that Vista is trying to connect with 221.9.142.91.
    >
    > (A few years ago a similar thing happened with Win2K, except that the IP
    > number it tried to send data to was 165.246.99.95.)
    >
    > If Windows security wasn't so seriously flawed it would be a joke.


    Perhaps it was already there, only inactive since ME is so out of date
    that it's not funny, and it only started to run once you had a more
    current OS on it with the libraries that the virus/whatever required?

    Did you check it before upgrading? Anyway, a machine that came with ME
    is probably in no position to run Vista...
    Richard, Aug 18, 2007
    #4
  5. pedwin

    Gordon Guest

    On 2007-08-18, Lawrence D'Oliveiro <_zealand> wrote:
    > In message <>, pedwin wrote:
    >
    >> If Windows security wasn't so seriously flawed it would be a joke.

    >
    > Would you say I was overreacting if I claimed that only a fool would use
    > such a system for internet banking?


    Even the banks have latched onto this idea. For they say that they will not
    pay until one has proven to their satisfaction that *your* system did not
    cause the successful raid on your bank account.
    Gordon, Aug 18, 2007
    #5
  6. pedwin

    Cadae Guest

    "pedwin" <> wrote in message
    news:...
    > WTF is Windows Vista doing sending unauthorised packets to a University in
    > Asia?.
    >
    > Right, so I upgrade my mate's kids computer to Vista from ME. No sooner
    > than
    > it reboots the hub lights up. Hello methinks. This happened to Win2K also.
    > So I have a look at the log file on the Linux firewall/gateway and it
    > appears that Vista is trying to connect with 221.9.142.91.
    >
    > (A few years ago a similar thing happened with Win2K, except that the IP
    > number it tried to send data to was 165.246.99.95.)
    >
    > If Windows security wasn't so seriously flawed it would be a joke.
    >
    > :)Peter
    >


    Thanks to Google, it seems like someone with a similar handle and problem
    description to yours (new windows box, linux firewall) has had problems
    with that same 221.9.142.91 address in May 2006, well before Vista was
    released.

    http://www.webservertalk.com/archive236-2006-5-1500222.html
    http://linux.hostweb.com/TopicMessages/comp.os.linux.networking/1814841/1/Default.aspx

    Maybe there's something else in your network that is infected, perhaps it's
    the common factor between the May 2006 problems and your current problems -
    the Linux firewall ?


    PC
    Cadae, Aug 18, 2007
    #6
  7. pedwin

    E. Scrooge Guest

    "pedwin" <> wrote in message
    news:...
    > WTF is Windows Vista doing sending unauthorised packets to a University in
    > Asia?.
    >
    > Right, so I upgrade my mate's kids computer to Vista from ME. No sooner
    > than
    > it reboots the hub lights up. Hello methinks. This happened to Win2K also.
    > So I have a look at the log file on the Linux firewall/gateway and it
    > appears that Vista is trying to connect with 221.9.142.91.
    >
    > (A few years ago a similar thing happened with Win2K, except that the IP
    > number it tried to send data to was 165.246.99.95.)
    >
    > If Windows security wasn't so seriously flawed it would be a joke.
    >
    > :)Peter


    Good try, but only proves that you and computers don't mix very well at all.

    You weren't working on a new computer out of the box at all.
    The computer has been connected to the God knows for how many years.

    More fool you for upgrading an old computer that was working well enough as
    it was.

    E. Scrooge
    E. Scrooge, Aug 19, 2007
    #7
  8. pedwin

    thingy Guest

    pedwin wrote:
    > WTF is Windows Vista doing sending unauthorised packets to a University in
    > Asia?.
    >
    > Right, so I upgrade my mate's kids computer to Vista from ME. No sooner than
    > it reboots the hub lights up. Hello methinks. This happened to Win2K also.
    > So I have a look at the log file on the Linux firewall/gateway and it
    > appears that Vista is trying to connect with 221.9.142.91.
    >
    > (A few years ago a similar thing happened with Win2K, except that the IP
    > number it tried to send data to was 165.246.99.95.)
    >
    > If Windows security wasn't so seriously flawed it would be a joke.
    >
    > :)Peter


    China? One has to wonder on upgrading ME to Vista....did you have a
    legal copy?

    ;]

    inetnum: 221.8.0.0 - 221.9.255.255
    netname: CNCGROUP-JL
    descr: No.156,Fu-Xing-Men-Nei Street,
    descr: CNC Group JILIN province network
    descr: China Network Communications Group Corporation
    descr: No.156,Fu-Xing-Men-Nei Street,
    descr: Beijing 100031
    country: CN


    route: 221.8.0.0/15
    descr: CNC Group CHINA169 Jilin Province Network
    country: CN
    origin: AS4837
    mnt-by: MAINT-CNCGROUP-RR

    source: APNIC

    role: CNCGroup Hostmaster
    address: No.156,Fu-Xing-Men-Nei Street,
    address: Beijing,100031,P.R.China

    It is possible there was a legal DNS lookup and in fact the DNS was
    poisoned to give that IP, and there could be other possibilities, i.e. you
    really need to pick up the complete stream to figure out what was really
    going on...

    regards

    Thing
    thingy, Aug 19, 2007
    #8
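
Added example, not part of any post in this thread: one way to answer the port and protocol questions raised in posts #3 and #8 from the gateway log alone, before setting up a full packet capture. It assumes the Linux firewall writes netfilter LOG-format lines; the sample lines, the addresses in them and the `summarise` helper are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in netfilter LOG format (not taken from the thread).
SAMPLE_LOG = """\
Aug 18 10:02:11 gw kernel: OUTBOUND IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.91 LEN=48 TTL=127 PROTO=TCP SPT=1045 DPT=8080 SYN
Aug 18 10:02:14 gw kernel: OUTBOUND IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.91 LEN=48 TTL=127 PROTO=TCP SPT=1045 DPT=8080 SYN
Aug 18 10:02:15 gw kernel: OUTBOUND IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=198.51.100.7 LEN=76 TTL=127 PROTO=UDP SPT=123 DPT=123
Aug 18 10:02:16 gw kernel: OUTBOUND IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=198.51.100.53 LEN=60 TTL=127 PROTO=ICMP TYPE=8 CODE=0
Aug 18 10:02:17 gw sshd[411]: unrelated line without packet fields
"""

# Small lookup for traffic a freshly installed desktop is expected to generate.
KNOWN = {("UDP", 123): "ntp", ("UDP", 53): "dns", ("TCP", 53): "dns",
         ("TCP", 80): "http", ("TCP", 443): "https"}

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")


def parse_line(line):
    """Return the KEY=value fields of a packet log line, or None for other lines."""
    fields = dict(FIELD.findall(line))
    if not {"SRC", "DST", "PROTO"} <= fields.keys():
        return None
    return fields


def summarise(log_text, src):
    """Count packets from one internal host per (destination, protocol, port)."""
    counts = Counter()
    for line in log_text.splitlines():
        f = parse_line(line)
        if f is None or f["SRC"] != src:
            continue
        # ICMP and some other protocols carry no destination port.
        port = int(f["DPT"]) if f.get("DPT", "").isdigit() else None
        counts[(f["DST"], f["PROTO"], port)] += 1
    return [{"dst": d, "proto": p, "dport": port, "count": n,
             "service": KNOWN.get((p, port), "unknown")}
            for (d, p, port), n in counts.most_common()]


if __name__ == "__main__":
    for row in summarise(SAMPLE_LOG, "192.168.1.23"):
        print(row)
```

Rows marked `unknown` are the ones worth a packet capture; a port number alone does not identify the application that sent the traffic.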
  9. pedwin

    Cima Guest


    > Right, so I upgrade my mate's kids computer to Vista from ME.


    Uhuh. Not that a 7 year old PC would be capable of running it, but:

    "Microsoft Vista Home Premium Upgrade. Upgrade from your current edition of
    Microsoft Windows XP or Windows 2000 (including Windows XP Professional, Windows
    XP Home, Windows XP Media Center, Windows XP Tablet PC, Windows XP Professional
    x64, Windows 2000)."

    ME appears to be missing.
    Cima, Aug 19, 2007
    #9
  10. pedwin

    Jerry Guest

    Cima wrote:
    >
    >> Right, so I upgrade my mate's kids computer to Vista from ME.

    >
    > Uhuh. Not that a 7 year old PC would be capable of running it, but:
    >
    > "Microsoft Vista Home Premium Upgrade. Upgrade from your current edition of
    > Microsoft Windows XP or Windows 2000 (including Windows XP Professional, Windows
    > XP Home, Windows XP Media Center, Windows XP Tablet PC, Windows XP Professional
    > x64, Windows 2000)."
    >
    > ME appears to be missing.


    You are right, ME won't upgrade to Vista.
    http://www.microsoft.com/windows/products/windowsvista/buyorupgrade/upgradepaths.mspx
    Jerry, Aug 20, 2007
    #10