Newsgroup Post Interference

Discussion in 'Computer Security' started by tightwad, Dec 28, 2005.

  1. tightwad

    tightwad Guest

    I have been plauged with problem when trying to respond to posts about
    the scandal with Govt snooping. I get a screen saying too many
    connections etc etc. When I go to NNTP there are No NNTP connections.
    Norton isn't doing a damn thing. I get connections with places like
    France Telecom, Pistol River Telecom, another one on an Apache
    Reservation near Phoenix and a variety of others.
    Whe I first fire up there may be 15 or 20 connections with any corner of
    the globe. Norton says it blocks them but log shows incoming and
    outgoing traffic.
    Ad Aware, Yahoo, Norton, Spybot aren't worth a damn aparently. Everybody
    wants to see that there is nothing but geneology on this outfit aparently.
    Is there anything short of reformatting to stop what is aparently Adware?
    There is nothing I can do about BB. My IP is mysteriously hundreds of
    miles away from my provider now.
     
    tightwad, Dec 28, 2005
    #1
    1. Advertising

  2. tightwad

    Winged Guest

    tightwad wrote:
    > I have been plauged with problem when trying to respond to posts about
    > the scandal with Govt snooping. I get a screen saying too many
    > connections etc etc. When I go to NNTP there are No NNTP connections.
    > Norton isn't doing a damn thing. I get connections with places like
    > France Telecom, Pistol River Telecom, another one on an Apache
    > Reservation near Phoenix and a variety of others.
    > Whe I first fire up there may be 15 or 20 connections with any corner of
    > the globe. Norton says it blocks them but log shows incoming and
    > outgoing traffic.
    > Ad Aware, Yahoo, Norton, Spybot aren't worth a damn aparently. Everybody
    > wants to see that there is nothing but geneology on this outfit aparently.
    > Is there anything short of reformatting to stop what is aparently Adware?
    > There is nothing I can do about BB. My IP is mysteriously hundreds of
    > miles away from my provider now.


    If I understand your issue, bear in mind your post is a bit vague in
    technical terms, you may be infested with something similar to cool
    search which may have proxied your connection. There are several
    critters around which modify the winsock (windows assumed) similar to
    the method that cool search introduced. There are other possibilities
    as well however I would not assume it was related to your posts to
    Usenet.

    Without some detail on your winsock LSPs (advanced mode spybot) it would
    be difficult to guess because there are other ways to hijack a
    connection. Worse if you find and delete the winsock proxy in question,
    do not be surprised if your winsock quits working (ie network
    communication ceases).


    Have you looked to see if a proxy was established via the browser
    control panel? (A number of spyware packages simply set a proxy (common
    place with MS IE) but not impossible with other browsers and unpatched
    JAVA engine or unpatched system) (additional side note: not impossible
    with any winx system at the moment due to current OS vulnerabilities.)

    Personally I suspect malware instead of the "government".

    The government might listen but typically they have more to be involved
    with than to be worried about secret worries from conspirators who are
    not in a position to know. Conspiracy theorists have existed since
    recorded time but in these times there are bigger issues on the radar
    than to screw with someones computer. If big brother was concerned they
    would listen to your communications very successfully without tipping
    their hat. If you were a threat, you would just disappear
    somewhere...or suffer an inexplainable gas leak, random drive by, staph
    infection, ebola if you were loved... uh possibilities are endless...but
    typically they would, by far far higher probability, just collect the
    evidence for prosecution and locate associated malcontents for files and
    potential monitoring. In spite of many peoples belief, government folks
    are not inherently evil, in fact the ones I know, have altruistic
    patriotic motives in their activities.

    If your IP and your apparent IP are different, and you can see no direct
    communication via netstat -a to remote domain, I might suspect a root
    kit on system. You can check for this using System Internals Rootkit
    Revealer http://www.sysinternals.com/utilities/rootkitrevealer.html

    Bear in mind these are not the only possibilities, but are only my best
    guess from vague problem definition.

    Winged
     
    Winged, Jan 5, 2006
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. ziggy
    Replies:
    26
    Views:
    1,160
    Zaltor
    Oct 22, 2003
  2. baaas
    Replies:
    4
    Views:
    555
    Blinky the Shark
    Jun 9, 2005
  3. Replies:
    0
    Views:
    858
  4. The Magnficent Bastard

    Post Your Three Favorite Movies - I Post Facts About You

    The Magnficent Bastard, Oct 4, 2003, in forum: Digital Photography
    Replies:
    249
    Views:
    3,462
    Soapy
    Jan 11, 2004
  5. tightwad

    Newsgroup Post Interference

    tightwad, Dec 28, 2005, in forum: Computer Security
    Replies:
    1
    Views:
    429
    Notan
    Dec 28, 2005
Loading...

Share This Page