Windows, Operating System, Security, Networking, Malware, Support, Forum, Help Site Check Our Facebook Page!
Notices
Security and Privacy Post any general questions related to security and privacy here.


Register your FREE account to unlock additional features at WindowsBBS.com
   
 
 
LinkBack Thread Tools
Old 23rd December 2002   #1
Inactive
THREAD STARTER
 
Profile:
Join Date: Mar 2002
Posts: 12
Computer Experience:
Experienced
rebarnes Reputation Level

deploy.akamaitechnologies.com


I am recieving constant high port activity on multiple IP's from deploy.akamaitechnologies.com . I have latest Virus Scan updates, running latest Zone Alarm. And I run Adaware and Spybot most every day. I am also behind a hardware firewall. The only way I can see this activity is through the use of a sniffer Commview. The hits come in on ports 64000 and up. I can shut down explorer and they keep a connection. Netstat does not show this connection at all.

Is this a trojan? Has anyone else seen this? Virus? What the heck is it?

rebarnes is offline  

 

Register
to remove this ad.
 
 

Old 23rd December 2002   #2
Inactive
 
Profile:
Join Date: Jan 2002
Location: NW Tn
Posts: 902
Computer Experience:
intermediate
aleekat Reputation Level

I didnt have time to view them all, but here is the link from google search. I think you dont have anthing to worry about.

Google

Extract:

Akamai provides 1000s of cache servers to prevent DOS attacks and improve software delivery. They use a DNS trick to point clients to the closest server run by Akamai that holds the content.


Last edited by aleekat; 23rd December 2002 at 12:57.
aleekat is offline  

Did you find this post helpful? Yes | No
Old 23rd December 2002   #3
Inactive
 
Profile:
Join Date: Aug 2002
Posts: 4,141
mflynn Reputation Levelmflynn Reputation Levelmflynn Reputation Level

Rebarnes

Hmmmmm....

Interesting.

I don't have them myself but doing a search with Copernic I found many references mostly bad but some good. I plan on looking into this more after the holidays.

The only good things mentioned are what Aleekat mentioned.

But in looking at Spamcorp and several other host files for blocking spam they are on most of them to be blocked which means they are percievied as bad.

I also found reference to bombardment from them in trying to make a connection. Pings and other probes. Almost a DOS attack itself. Seems to conflict with the few good refs.....

For additional info on your machine go to the command prompt and type

netstat -a |more

From what you said in this message, you may get quite a list!

I am not ready to advise you what to do yet, mabe someone else has more knowledge about this. But I will know more after the new year when I have more time.

If you try to add them to your host file to block remember that if the hosts file gets too large it is counter productive as it will slow down general access.

Mike

mflynn is offline  

Did you find this post helpful? Yes | No
Old 23rd December 2002   #4
Inactive
 
Profile:
Join Date: Aug 2002
Posts: 4,141
mflynn Reputation Levelmflynn Reputation Levelmflynn Reputation Level

Rebarnes

Forgot....

You did not say what OS you use.

If win2k or XP and you are at home on a single computer go to command prompt and type

ipconfig /flushdns

then immediately go to SERVICES and set DHCP Client and DNS Client to manual and stop these services.

If you have any problems after this just put them back like they were.

If everything is OK retest ocassionaly and see if things change!!

Let us know!

Mike

mflynn is offline  

Did you find this post helpful? Yes | No
Old 23rd December 2002   #5
Alumni
 
Profile:
Join Date: Jan 2002
Posts: 2,058
Computer Experience:
What experience?
brett Reputation Level

Akamai geo-map IP's enabling a person to be redirected to the web server which is geographically closest. This allows ad-servers to serve relevant content in an appropriate language (which is why Akamai is listed on several "block" sites) and can help to reduce download times. Akamai provides content on behalf of many well known companies such as Symantec. It wouldn't be a good idea to add the Akamai servers to your Hosts file - not unless you want to break a considerable number of sites and be unable to update your AV!

There are quite a few other companies which provide similar services. Look here.


Last edited by brett; 23rd December 2002 at 14:30.
brett is offline  

Did you find this post helpful? Yes | No
Old 23rd December 2002   #6
Inactive
THREAD STARTER
 
Profile:
Join Date: Mar 2002
Posts: 12
Computer Experience:
Experienced
rebarnes Reputation Level

To follow up: This is a WIN2K box on a company network. This machine is the only one recieving this type of activity. It is not just akamai, they are the main one though. I set up a host file to try and block them. But I still receive some high port hits.

rebarnes is offline  

Did you find this post helpful? Yes | No
Old 23rd December 2002   #7
Inactive
 
Profile:
Join Date: Aug 2002
Posts: 4,141
mflynn Reputation Levelmflynn Reputation Levelmflynn Reputation Level

If this is not a server you can still disable the items I mentioned and do the /flushdns.

Did you do them? Did you do the flushdns?

This will not effect sharing etc!

Remember host file to large and it will slow down this machine!

Mike

mflynn is offline  

Did you find this post helpful? Yes | No
Old 23rd December 2002   #8
Inactive
THREAD STARTER
 
Profile:
Join Date: Mar 2002
Posts: 12
Computer Experience:
Experienced
rebarnes Reputation Level

DNS Client was already set to manual and stoped. I tried the ipconfig /flushdns. It returned a "could not flush the dns resolved cache" I then shut down the DHCP Client and tried Ipconfig again but still got could not flush.

rebarnes is offline  

Did you find this post helpful? Yes | No
Old 23rd December 2002   #9
Inactive
 
Profile:
Join Date: Aug 2002
Posts: 4,141
mflynn Reputation Levelmflynn Reputation Levelmflynn Reputation Level

Ok!

That is correct if DNS Client is aleadr off.

So that is I can do untill I reshearch more. After holidays!

Mike

mflynn is offline  

Did you find this post helpful? Yes | No
Old 23rd December 2002   #10
Inactive
THREAD STARTER
 
Profile:
Join Date: Mar 2002
Posts: 12
Computer Experience:
Experienced
rebarnes Reputation Level

Thanks for your help mflynn.

rebarnes is offline  

Did you find this post helpful? Yes | No
Old 23rd December 2002   #11
Alumni
 
Profile:
Join Date: Jan 2002
Posts: 2,058
Computer Experience:
What experience?
brett Reputation Level

This may well be related to the browsing habits of the user of that machine. My guess would be that the (s)he is attempting to access Akamai-served streaming content using some form of media player (quite possibly Quicktime - especially if you're seeing UDP connections).


Last edited by brett; 23rd December 2002 at 19:48.
brett is offline  

Did you find this post helpful? Yes | No
Old 26th December 2002   #12
Inactive
THREAD STARTER
 
Profile:
Join Date: Mar 2002
Posts: 12
Computer Experience:
Experienced
rebarnes Reputation Level

That user would be me. I am not looking at streaming media. Yahoo, FoxNews and so on are the sights I hit including this sight. Still have not solved this problem.

rebarnes is offline  

Did you find this post helpful? Yes | No
Old 26th December 2002   #13
Inactive
 
Profile:
Join Date: Aug 2002
Posts: 4,141
mflynn Reputation Levelmflynn Reputation Levelmflynn Reputation Level

RE

Just reread entire thread!

Just noticed then that you say that netstat does not show this! This means you are seeing them somehow but they are not getting thu to the station??!!! I am not familiar with CommView. Is it perchance set to see past the router/firewall and not just the local port????

1. Are you directly connected to a personal HW firewall or is this a system firewall?

2. Are you absolutly sure that on another Win2k computer on the same domain/workgroup/subnet using same network config as you. That they don't show up using CommView?

3. Has the HW firewall or router been set to do any special port mapping/forwarding?

4. Can you see this from the HW firewall utility or logs?

Nuff for now, let us know what you find!

Newt if you are out there what do you think of this?

Mike

mflynn is offline  

Did you find this post helpful? Yes | No
Old 26th December 2002   #14
Alumni
 
Profile:
Join Date: Jan 2002
Posts: 2,058
Computer Experience:
What experience?
brett Reputation Level

Maybe something here will help.

brett is offline  

Did you find this post helpful? Yes | No
Old 26th December 2002   #15
Inactive
 
Profile:
Join Date: Aug 2002
Posts: 4,141
mflynn Reputation Levelmflynn Reputation Levelmflynn Reputation Level

Yeah Brett that sounds like it could be!

Did you have a good "Isle of Man" christmas?

Hope so.

Anyway RE they don't say where this HTML file is so zap everything. Run Disk Cleanup the get rid of the index.dat's.

Locate them in win2k then boot to dos if fat32 find and delete them, kill the pagefile also. If no fat32 then do you have dual boot. If not use recovery console to boot to the NTFS prompt to delete.

You need to temporarily uninstall quicktime. Review any web pages you visit that may provide streaming content even though you may be going there for other reasons.

Mike

mflynn is offline  

Did you find this post helpful? Yes | No


 

THIS THREAD HAS EXPIRED.

Are you having the same problem? Please post a new thread, but first you'll have to join us by Registering (FREE).



Discussion Forums
Operating Systems
Windows 8 Windows 8
Windows 7 Windows 7
Windows Vista Windows Vista
Windows XP Windows XP
Windows Server System Windows Server System
Legacy Windows OS Legacy Windows OS
Internet & Networking
Networking (Hardware & Software) Networking
Internet Explorer Internet Explorer
Microsoft Mail Microsoft Mail
Firefox, Thunderbird & SeaMonkey Firefox, Thunderbird
      & SeaMonkey

Web Applications & Cloud Web Applications & Cloud
General Internet
Security
Malware and Virus Removal Malware and Virus
     Removal

Security and Privacy Security and Privacy

Other
Other PC Software Other PC Software
Test Posts Test Posts
Hardware
PC Hardware PC Hardware
Mobile Devices Mobile Devices
Community
Introductions Introductions
General Discussions General Discussions
Site Comments & Suggestions Site Comments
      & Suggestions

News News @ WindowsBBS

Thread Tools


Find us on Facebook   Web Of Trust Rating

All times are GMT. The time now is 03:58.


Recent Discussions
BSoD (2)
DVD Drive (10)
Dell Studio 540 350watt psu require.. (11)
Unable to see other computers after.. (4)
Dump Data : BSoD 0x000000BE, bcmwl6.. (2)
Trouble seeing wireless printer Bro.. (4)
Keyboard and mouse freeze after a f.. (6)
Microsoft Windows 7 Support to End .. (5)
Cannot mount Seagate to Router (12)
Wrong CPU Installing (5)
Win 7 32 to win 7 64 bit using Easy.. (1)
Windows 7 OLEAUT32.DLL Error (4)
Malwarebytes Anti Exploit or MS EME.. (15)
Cannot access my website using IE 1.. (11)
External Hard Drive Question. (1)
Microsoft July 2014 Security Bullet.. (0)
converting office 2000 files to win.. (10)
XP fails to boot (4)


Donate!
Support Windows BBS!



Powered by vBulletin® Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO
Copyright 2002 - 2013 WindowsBBS.com. All rights reserved.
FDMA Media LLC
Terms of Use, Legal Information & Privacy Policy
Page generated in 0.14574 seconds with 7 queries