Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
This group should mostly be dealing with how web applications enable networking security issues that are otherwise not there. Everything is being tunneled over port 80 now so what does that enable and how do we fix it? 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Some networth* help!?! ACK!
Posted by: pixelninja
Date: September 09, 2008 02:06PM

Your blog posts are the up most. If anyone knows about my problem you would. If you have the time! Thanks.

Ok for starters Ill start off with the regular praise of this site and its members. I like to ask questions to someone who knows wtf there doing instead of some of the other sites knowing close to nothing about what Im going to say...thanks in advance for any help with this.

Earlier I started up ethereal to see why my network was running slowly. I found this (sent to hazl0oh.is-a-chef.com 65.24.7.10) a small amount of data trying to go to that ip. After some research I found it was some sort of bd supposedly it uses your current default browser to communicate with the listed website.

I have no out of the ordinary running process's updated version on nod32. I see nothing out of the ordinary other than the ip isn't resolving for me.

Here is a screenshot. Anyone know what this is, how I can get rid of it? Or better yet what to look for so I can check it out myself in detail, it looks like it works rather well.

Go to the store to buy something you might get what you want.
Go to the source to buy something you will get what you want.

I love this site@_@

SS:


ceaserone(@)gmail.com

Options: ReplyQuote
Re: Some networth* help!?! ACK!
Posted by: id
Date: September 09, 2008 02:56PM

the screenshot is of the DNS request looking up the address of hazl0oh.is-a-chef.com, it isn't malicious traffic itself. You need to capture traffic going to:

Name: hazl0oh.is-a-chef.com
Address: 84.137.227.47

then we might be able to help you.

-id

Options: ReplyQuote
Re: Some networth* help!?! ACK!
Posted by: pixelninja
Date: September 09, 2008 03:00PM

did you get 84.137.227.47 form resolving that .com?

I will capture some of these can I send them to your email id?

Options: ReplyQuote
Re: Some networth* help!?! ACK!
Posted by: id
Date: September 09, 2008 03:04PM

yes, your packet dump was of the DNS request to roadrunner's DNS server (65.24.7.10) doing an A record lookup on hazl0oh.is-a-chef.com, which resolves to 84.137.227.47.

you can send them, but I don't have tons of time, so not promising anything. Or just post here and get more eyes on it.

-id

Options: ReplyQuote
Re: Some networth* help!?! ACK!
Posted by: pixelninja
Date: September 09, 2008 03:06PM

Thats what I will do....ofcourse I was thinking to much into this and didnt realize it was my own isp's ip now i see it.

Thanks for the help Ill get these together

Options: ReplyQuote


Sorry, only registered users may post in this forum.