darko999 Posted October 16, 2014

I don't remember the last time I got infected, but knowing how to surf, what to download and so on, isn't enough.

A few minutes ago I was surfing the web as usual when something that I found very strange happened. My firewall popped up telling me that "Internet Explorer" was attempting to connect to a remote computer at "93.184.215.200". The issue is I have never been prompted by my firewall about Internet Explorer attempting to connect to a remote computer when it is not running, "I use Pale Moon". In fact, I don't remember the last time I used it "IE". It was clearly not running in the task manager, but I understand it could be running hidden.

The thing is, before allowing or denying this attempt I did a common "IP Lookup" and I got this:

inetnum: 93.184.212.0 - 93.184.215.255
netname: EDGECAST-NETBLK-03

After googling it I immediately found this:

http://www.ipillion.com/ip/93.184.215.73

Which is about the same source, EdgeCast Networks.

The thing is I don't believe this is a common and 100% safe and ignorable behavior right here.

This network and its IP range has recently been reported with nasty "hacking, malware, port scanning, reverse TCP desynchronization." I added myself to the complaints.

The point is, nobody is safe from these massive malicious activities. Imagine if you are running your Windows with no firewall at all, and you are not behind a router, you are literally wide open ready to be attacked. Believe it. I'm behind a router, even so this IP and the people behind it were able to make my Internet Explorer respond to their request, bypassing my router, Windows firewall, and lucky for me, ESET personal firewall allowed me to deny this attempt.

All these techniques they are using are becoming more common and massive. It becomes scary if you think a bit about it. Build your damn wall or get fkd.

A.lemane Posted October 16, 2014

scan ur sys using Stinger!

http://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Download Stinger
Download Stinger for x64 systems

darko999 (Author) Posted October 16, 2014

> scan ur sys using Stinger!
> http://www.mcafee.com/us/downloads/free-tools/stinger.aspx
> Download Stinger
> Download Stinger for x64 systems

Hi, thank you for the links. I ran a full scan with it "Even so I didn't believe I was somehow infected". And nothing was found, I think my system wasn't compromised. But I was checking the firewall logs and I have to say there have been more attempts from this IP, automatically blocked since I created a rule for it. Scary.

dcs18 Posted October 16, 2014

> The point is, nobody is safe from these massive malicious activities.

That is not completely true - you were faced with that firewall prompt only and only because your system is already compromised. ;)

darko999 (Author) Posted October 16, 2014

> > The point is, nobody is safe from these massive malicious activities.
>
> That is not completely true - you were faced with that firewall prompt only and only because your system is already compromised. ;)

It depends on what we believe "Compromised" is.

My system is not compromised, since there is no penetration into the system. The system itself is clean, I deeply checked it.

Port scanning and all this stuff is made to get a vulnerable system, this wasn't the case.

dcs18 Posted October 16, 2014

> > > The point is, nobody is safe from these massive malicious activities.
> >
> > That is not completely true - you were faced with that firewall prompt only and only because your system is already compromised. ;)
>
> It depends on what we believe "Compromised" is.
> My system is not compromised, since there is no penetration into the system. The system itself is clean, I deeply checked it.
> Port scanning and all this stuff is made to get a vulnerable system, this wasn't the case.

I know how painful it is to be told to-the-face, that one's system is compromised.

Wish you all the best - you're gonna need all the luck.

darko999 (Author) Posted October 16, 2014

> > > > The point is, nobody is safe from these massive malicious activities.
> > >
> > > That is not completely true - you were faced with that firewall prompt only and only because your system is already compromised. ;)
> >
> > It depends on what we believe "Compromised" is.
> > My system is not compromised, since there is no penetration into the system. The system itself is clean, I deeply checked it.
> > Port scanning and all this stuff is made to get a vulnerable system, this wasn't the case.
>
> I know how painful it is to be told to-the-face, that one's system is compromised.
> Wish you all the best - you're gonna need all the luck.

It's easy to write down on a forum, not to the face, whatever you want about someone else's system.

Luck? Nice joke.

mike.mt Posted October 16, 2014

> It's easy to write down on a forum, not to the face, whatever you want about someone else's system.
> Luck? Nice joke.

@darko999… You have nothing to worry about buddy… Not malware phoning home.

One of your apps or visited websites is trying to connect to one of their many global servers to provide you with an enhanced media streaming connection from the originating site. Gaming, video streaming etc.

Many of the world's top content streaming sites subscribe to their services. If you prefer to stream direct from source, block the IPs.

December 10, 2007

Walt Disney's venture arm, Steamboat Ventures, has invested $6 million in content delivery network startup EdgeCast, one of the new entrants in the growing CDN market. The deal reflects the growing interest in the content delivery sector from Hollywood companies with enormous content libraries that may soon be streamed over the Internet. Other investors in EdgeCast include CinemaNow Chairman Mark Aminas and Jon Feltheimer, CEO of Lionsgate films.

CDNs are significant users of data center services, and as more fledgling networks get funding, they will be better able to invest in data center space to expand their networks. In September EdgeCast leased data center space in Atlanta, Dallas and Seattle facilities operated by Switch and Data (SDXC). EdgeCast now has a presence in 12 Switch and Data sites.

In 2014 the company has grown to be one of the world's leading Content Delivery Network Providers.

Site Quote:-

The EdgeCast Content Delivery Network is a distributed global network of thousands of servers built for speed, security, and scalability. A CDN enables websites to grow, handle spikes without a hitch, stream to thousands of viewers concurrently, secure their websites from attacks, and accelerate complex web applications.

Our network is built for speed and reliability, which is why we routinely outperform legacy CDNs in independent performance tests.

Your website is in one place, your visitors are everywhere. Speed up your entire site — serve both dynamic and static content from an optimal CDN location, at the fastest possible speed

http://www.edgecast.com/solutions/

A.lemane Posted October 16, 2014

Makes sense ^_^

SnakeMasteR Posted October 16, 2014

Here is an old topic: http://www.dslreports.com/forum/r26753485-System-process-connected-to-remote-ip

Archived
This topic is now archived and is closed to further replies.