Posted: Tue Feb 24, 2015 6:25 am Post subject: Computer accessing odd IP's
Recently I started running snort to monitor my computer's network activity while I was away. The results were a bit strange. I see that it's occasionally communicating with 2 odd websites. The IP's vary but seem to resolve to one of two websites:
Both of these seem to be uploading websites. A quick google search hasn't brought up any relevant information, so I was wondering if anyone was familiar with these two websites and had any ideas as to why my computer would be communicating with them.
Obviously my first suspicion is that I am infected, a quick scan with Panda Cloud AV came up with nothing (a couple cookies and a "potentially unwanted software" - toolbar installer). I'm hoping someone may be able to provide some insight. Thank you!
I would suggest installing winpcap or Wireshark, whichever you prefer. This will allow you to see what is actually being sent. In other words install either one and start logging the traffic on the interface in question.
So I spent last night and today while at work running Wireshark to see what's going on. I have not since seen any communication to any IPs resolving to those domains, and all communication seems to check out with different services running on the PC. I'll keep looking, thank you!
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum