[Dshield] Is this normal?
usenet at linux.tola.org
Sat Jun 22 21:25:38 GMT 2002
At 01:22 22.6.2002 -0400, you wrote:
>Sorry all, but i really am still learning about all of this stuff.
>I just got home and checked my zone alarm alerts... and this was in it:
>The firewall has blocked Internet access to
><http://www.microsoft.com>www.microsoft.com (184.108.40.206) (ICMP Time
>Exceeded) from your computer.
>Occurred: 4 times between 6/21/02 5:27:16 PM and 6/21/02 5:28:02 PM
>I'm assuming that a microsoft program tried to look for updates? Why did
>it happen so many times?
Well, I don't know what actually happens there with you.
But I've noticed that something goes periodically to microsoft.com
from my Windows 2000. I have linux server that works as a firewall
and shares internet connection forward to my local network.
And by looking for a while traffic that goes past by my linux server,
I noticed some very minor traffic went to domain microsoft.com. While I sat
at the front of the linux computer and nothing was running
at the Windows 2000 end.
It's for a while I noticed this, so I can're exactly remember what
protocol(ICMP, TCP, UDP)
was used and what actually happened with traffic. But back then I figured
that it must be microsoft's own
feature. I didn't install any automatic update (not to my knowledge that
is) or similar where
I would have had reason to be in contact with microsoft.com automatitcally.
Nor did I
use any Microsoft services like hotmail, or msn.com. So there would have
know reason to contact there.
Microsoft is known to spook information about other microsoft products. If
I recall right,
Excell, Word etc. at Office packet sended their serials automatically over
network to Microsoft at some stage.
I guess to track the pirated Microsoft products.
Windows is anyway closed source code, which means lot of people don't know
what it exactly does
until they notice something funny. There propably is lot of what Microsoft
doesnt' tell about
way Windows works and what features it has. As a company, Microsoft of
intrest to know how much and where it's products are used.
And I still really don't really know what the idea contacting
was. Keeping tabs of how many Windows 2000 users there is?
- Antti not a paranoid person, just a realist.
More information about the list