S
Sparkplug
My AntiVirus software is blocking outbound access to 217.8.241.228,8005.
Any ideas what this is?
Thanks.
Any ideas what this is?
Thanks.
217.8.241.228
<snip>IP 217.8.241.228 resolves to:
Because they are trying to be inconspicuous. And they are thinking that<snip>
I got to that moments after I posted. But why port 8005 on an outbound TCP
connection?
Because they are trying to be inconspicuous. And they are thinking that
that that random port will be open
Are you saying that ZA caught this IP as the Source or the Destination?
Well, sounds to me like you have a trojan installed. Better get itIt is the destination.
The Cleaning Wonder Boy said:On Tue, 26 Oct 2004 15:14:55 -0500, The Cleaning Wonder Boy
Well, sounds to me like you have a trojan installed. Better get it
before it does damage.
It's harmless, he's been browsing our website and the live chat server (see
the graphic on the left hand menu, and right click, properties), it runs a
script to detect if chat operators are available by connecting to a
webserver running on port 8005.
I don't subscribe to this newsgroup so if you want to follow this up please
drop me an e-mail.
Regards,
Tony Lucas
XCalibre Communications Ltd
http://www.xcalibre.co.uk