Does Blinky show real transfer? (Solved)
Does Blinky show real transfer? (Solved)
If I have no browser going and Blinky still show that some program do transfer of bytes and despite me trying to look what goes on using the
Menu - System - Pprocess or similar??? but I see nothing obvious going on.
What else can explain that Blinky trust some program doing that transfer of bytes?
Is it false positive a graphic novelty or am my machine attacked by hidden clever to hide programs from outside?
Where are such attempts logged?
Menu - System - Pprocess or similar??? but I see nothing obvious going on.
What else can explain that Blinky trust some program doing that transfer of bytes?
Is it false positive a graphic novelty or am my machine attacked by hidden clever to hide programs from outside?
Where are such attempts logged?
Last edited by nooby on Fri 10 Sep 2010, 18:29, edited 1 time in total.
I use Google Search on Puppy Forum
not an ideal solution though
not an ideal solution though
-
- Posts: 66
- Joined: Sun 25 Oct 2009, 14:23
- Location: The only place in tornado ally with no tornadoes
well I think blinky gets it's information from ifconfig no?
Then those bytes must be from the dhcp system when it's getting your address.
And if there are anymore after you first set up wifi then its some external program.
My two cents on the matter
Then those bytes must be from the dhcp system when it's getting your address.
And if there are anymore after you first set up wifi then its some external program.
My two cents on the matter
[img]http://www.robotech.com/images/content/MEC_17_1_6899.gif[/img]
[b]Really,you wanna mess with me?[/b]
[b]Really,you wanna mess with me?[/b]
nooby,
What applications do you have on the taskbar? Popular browsers "phone home" or phone their sponsors on a regular basis.
Run netstat in an rxvt window. That will show you the applications that are sending and recieving bytes. You can make it auto repeat. Look at the help: netstat -h
You may find Jnettop http://www.murga-linux.com/puppy/viewtopic.php?t=59010 useful too.
What applications do you have on the taskbar? Popular browsers "phone home" or phone their sponsors on a regular basis.
Run netstat in an rxvt window. That will show you the applications that are sending and recieving bytes. You can make it auto repeat. Look at the help: netstat -h
You may find Jnettop http://www.murga-linux.com/puppy/viewtopic.php?t=59010 useful too.
Now that I am at puppy I guess the Netstat should show Murga server
IP : 173.194.15.84 Neighborhood
Host : ?
Country : United States
and maybe this 74..... below is the SeaMonkey update server?
IP : 74.125.77.102
Host : ew-in-f102.1e100.net in USA
Maybe Murga is hosted in USA? Or the DNS lookup is hosted by such server. These are listen to traffic on port 80.
I have to log out and shut down to find out what is going on when no browser is active.
Edit after shutting down SeaMonkey.
Nope there where even more such ip addresses at 74.125. xx maybe 5 more going on. Waiting it says.
Which ip look up is best to use for such purposes?
IP : 173.194.15.84 Neighborhood
Host : ?
Country : United States
and maybe this 74..... below is the SeaMonkey update server?
IP : 74.125.77.102
Host : ew-in-f102.1e100.net in USA
Maybe Murga is hosted in USA? Or the DNS lookup is hosted by such server. These are listen to traffic on port 80.
I have to log out and shut down to find out what is going on when no browser is active.
Edit after shutting down SeaMonkey.
Nope there where even more such ip addresses at 74.125. xx maybe 5 more going on. Waiting it says.
Which ip look up is best to use for such purposes?
I use Google Search on Puppy Forum
not an ideal solution though
not an ideal solution though
Thanks for looking up google ip for me.
I tried the other using google too and ...
And this one seems to be google too.
what am I supposed to do to stop them spying on me?
Hahah using Ms Bing or Yahoo instead.
I tried the other using google too and ...
And this one seems to be google too.
So my seaMonkey seems to trigger such things from google. thenNetRange: 173.194.0.0 - 173.194.255.255
CIDR: 173.194.0.0/16
OriginAS: AS15169
NetName: GOOGLE
NetHandle: NET-173-194-0-0-1
Parent: NET-173-0-0-0-0
NetType: Direct Allocation
NameServer: NS2.GOOGLE.COM
what am I supposed to do to stop them spying on me?
Hahah using Ms Bing or Yahoo instead.
I use Google Search on Puppy Forum
not an ideal solution though
not an ideal solution though
Anything would be less invasive than Google who are systematically taking over the internet.nooby wrote: Hahah using Ms Bing or Yahoo instead.
If you are not using AdblockPlus in your browser then are you familiar with the hosts file? Try adding the following to /etc/hosts
Code: Select all
# [Google Inc]
127.0.0.1 pagead.googlesyndication.com
127.0.0.1 pagead2.googlesyndication.com #[Google AdWords]
127.0.0.1 adservices.google.com
127.0.0.1 video-stats.video.google.com
127.0.0.1 www.google-analytics.com #[Google Analytics]
127.0.0.1 4.afs.googleadservices.com
127.0.0.1 imageads.googleadservices.com #[Ewido.TrackingCookie.Googleadservices]
127.0.0.1 partner.googleadservices.com
127.0.0.1 www.googleadservices.com
127.0.0.1 apps5.oingo.com #[Microsoft.Typo-Patrol]
127.0.0.1 www.appliedsemantics.com
127.0.0.1 service.urchin.com #[Urchin Tracking Module]
# [Google via DoubleClick][Tracking Service]
127.0.0.1 eqchmdnvip1.2mdn.net #[SiteAdvisor.zapspot]
127.0.0.1 m.2mdn.net
127.0.0.1 m1.au.2mdn.net
127.0.0.1 m.de.2mdn.net
127.0.0.1 m1.2mdn.net #[a509.cd.akamai.net]
127.0.0.1 m2.2mdn.net
127.0.0.1 m.fr.2mdn.net
127.0.0.1 m.uk.2mdn.net
127.0.0.1 rmcdn.2mdn.net
127.0.0.1 rmcdn.f.2mdn.net
127.0.0.1 n339.asp-cc.com
127.0.0.1 cc-dt.com
127.0.0.1 ads.cc-dt.com
127.0.0.1 clickserve.cc-dt.com
127.0.0.1 creative.cc-dt.com
127.0.0.1 clickserve.dartsearch.net
127.0.0.1 clickserve.eu.dartsearch.net
127.0.0.1 clickserve.uk.dartsearch.net
127.0.0.1 doubleclick.net #[McAfee.Cookie-Doubleclick]
127.0.0.1 ad.doubleclick.net #[MVPS.Criteria]
127.0.0.1 ad2.doubleclick.net #[Panda.Spyware:Cookie/Doubleclick]
127.0.0.1 ad.3ad.doubleclick.net
127.0.0.1 ad.3au.doubleclick.net
127.0.0.1 ad.adx.doubleclick.net
127.0.0.1 ad.ae.doubleclick.net
127.0.0.1 ad.ar.doubleclick.net
127.0.0.1 ad.au.doubleclick.net
127.0.0.1 ad.be.doubleclick.net
127.0.0.1 ad.br.doubleclick.net #[SunBelt.DoubleClick]
127.0.0.1 ad.ca.doubleclick.net
127.0.0.1 ad.ch.doubleclick.net
127.0.0.1 ad.cl.doubleclick.net
127.0.0.1 ad.cn.doubleclick.net
127.0.0.1 ad.de.doubleclick.net #[Tenebril.Tracking.Cookie]
127.0.0.1 ad.dk.doubleclick.net
127.0.0.1 ad.es.doubleclick.net
127.0.0.1 ad.fi.doubleclick.net
127.0.0.1 ad.fr.doubleclick.net
127.0.0.1 ad.gr.doubleclick.net
127.0.0.1 ad.hk.doubleclick.net
127.0.0.1 ad.hu.doubleclick.net
127.0.0.1 ad.ie.doubleclick.net
127.0.0.1 ad.in.doubleclick.net
127.0.0.1 ad.jp.doubleclick.net
127.0.0.1 ad.kr.doubleclick.net
127.0.0.1 ad.it.doubleclick.net
127.0.0.1 ad.nl.doubleclick.net
127.0.0.1 ad.no.doubleclick.net
127.0.0.1 ad.nz.doubleclick.net
127.0.0.1 ad.pl.doubleclick.net
127.0.0.1 ad.pt.doubleclick.net
127.0.0.1 ad.ro.doubleclick.net
127.0.0.1 ad.ru.doubleclick.net
127.0.0.1 ad.se.doubleclick.net
127.0.0.1 ad.sg.doubleclick.net
127.0.0.1 ad.terra.doubleclick.net
127.0.0.1 ad.th.doubleclick.net
127.0.0.1 ad.tw.doubleclick.net
127.0.0.1 ad.uk.doubleclick.net
127.0.0.1 ad.us.doubleclick.net
127.0.0.1 ad.za.doubleclick.net
127.0.0.1 ad.n2434.doubleclick.net
127.0.0.1 creatives.doubleclick.net
127.0.0.1 dfp.doubleclick.net
127.0.0.1 fls.doubleclick.net
127.0.0.1 ir.doubleclick.net
127.0.0.1 iv.doubleclick.net
127.0.0.1 ln.doubleclick.net #[Lycos]
127.0.0.1 m.doubleclick.net
127.0.0.1 m2.doubleclick.net
127.0.0.1 m3.doubleclick.net
127.0.0.1 m.us.doubleclick.net
127.0.0.1 motifcdn.doubleclick.net
127.0.0.1 motifcdn2.doubleclick.net
127.0.0.1 n3285ad.doubleclick.net
127.0.0.1 n3349ad.doubleclick.net
127.0.0.1 n4061ad.doubleclick.net
127.0.0.1 n4403ad.doubleclick.net
127.0.0.1 n479ad.doubleclick.net
127.0.0.1 n609ad.doubleclick.net
127.0.0.1 optout.doubleclick.net
127.0.0.1 optimize.doubleclick.net
127.0.0.1 optimize.3optimization.doubleclick.net
127.0.0.1 paypalssl.doubleclick.net
127.0.0.1 rd.intl.doubleclick.net
127.0.0.1 se1.doubleclick.net
127.0.0.1 twx.doubleclick.net
127.0.0.1 doubleclick.ne.jp
127.0.0.1 www3.doubleclick.net
127.0.0.1 www.doubleclick.net
127.0.0.1 doubleclick.com
127.0.0.1 ad.doubleclick.com
127.0.0.1 www2.doubleclick.com
127.0.0.1 www3.doubleclick.com
127.0.0.1 www.doubleclick.com
127.0.0.1 www.messagemedia.com
127.0.0.1 www.performics.com
127.0.0.1 doubleclick.shockwave.com
# [Google/DoubleClick via Falk AdSolution][Falk eSolutions AG]
127.0.0.1 a.as-eu.falkag.net
127.0.0.1 a.as-eu1.falkag.net
127.0.0.1 admin.as-eu.falkag.net
127.0.0.1 bw.as-eu.falkag.net
127.0.0.1 c.as-eu.falkag.net
127.0.0.1 data.as-eu.falkag.net
127.0.0.1 e.as-eu.falkag.net #[Ewido.TrackingCookie.Falkag]
127.0.0.1 f.as-eu.falkag.net
127.0.0.1 origin.as-eu.falkag.net
127.0.0.1 red.as-eu.falkag.net #[McAfee.Adware-Zeno]
127.0.0.1 red01.as-eu.falkag.net
127.0.0.1 sel.as-eu.falkag.net
127.0.0.1 a.as-test.falkag.net #[Panda.Spyware:Cookie/Falkag]
127.0.0.1 bw.as-test.falkag.net
127.0.0.1 red.as-test.falkag.net
127.0.0.1 sel.as-test.falkag.net
127.0.0.1 a.as-us.falkag.net #[SunBelt.as-us.falkag]
127.0.0.1 b.as-us.falkag.net
127.0.0.1 bw.as-us.falkag.net #[a1339.g.akamai.net]
127.0.0.1 c.as-us.falkag.net #[Tenebril.Tracking.Cookie]
127.0.0.1 data.as-us.falkag.net
127.0.0.1 e.as-us.falkag.net #[a1339.g.akamai.net]
127.0.0.1 origin.as-us.falkag.net
127.0.0.1 red.as-us.falkag.net
127.0.0.1 red01.as-us.falkag.net
127.0.0.1 s.as-us.falkag.net
127.0.0.1 sel.as-us.falkag.net
127.0.0.1 as1.falkag.de #[Ad-Aware.Tracking.Cookie]
127.0.0.1 www.falkag.de
127.0.0.1 ad1.adsolution.de
127.0.0.1 a.ads.t-online.de #[AdSolution-Website-Tag]
127.0.0.1 admin.ads.t-online.de
127.0.0.1 bw.ads.t-online.de
127.0.0.1 data.ads.t-online.de
127.0.0.1 homepage.t-online.de
127.0.0.1 red.ads.t-online.de
127.0.0.1 s.ads.t-online.de
127.0.0.1 toi.passul.t-online.de
127.0.0.1 count.passul.t-online.de
127.0.0.1 rc.loop.bild.t-online.de
127.0.0.1 tr.loop.bild.t-online.de
# [Green-Acres Services][Tracking Service]
127.0.0.1 123count.com #[SpySweeper.Spy.Cookie]
127.0.0.1 www.123count.com #[Ad-Aware.Tracking.Cookie]
127.0.0.1 www.123stat.com
127.0.0.1 web-stat.com #[SpySweeper.Spy.Cookie]
127.0.0.1 server3.web-stat.com
127.0.0.1 server4.web-stat.com
127.0.0.1 www.web-stat.com
127.0.0.1 count.webtrackingservices.com
127.0.0.1 seomatrix.webtrackingservices.com
127.0.0.1 wt.o.nytimes.com #[WebBug]
127.0.0.1 wt.ticketmaster.com #[ticketmaster.webtrends.akadns.net]
127.0.0.1 m.webtrends.com #[microsoft.webtrends.akadns.net]
127.0.0.1 webtrendslive.com #[SmartSource Data Collector]
127.0.0.1 statse.webtrendslive.com #[SDC Advanced Tracking Code]
127.0.0.1 dcs.wtlive.com #[SpySweeper.Spy.Cookie]
127.0.0.1 dcstest.wtlive.com
127.0.0.1 www.webtrends.net #[SunBelt.WebTrends]
127.0.0.1 www.netiq.com
Wow such a big list. Are that all the "partners" of google? Those that pay them for collecting what Car vehicle ads me look at
In another thread we also talk about netstat and programs that seems to be connected from scratch to a server.
Mine seems to only get triggered if I open a browser first.
If I reboot then no server is listed. So that feels a bit better than if there was an established connection from scratch. But sure such maybe can be hidden too?
Late at night here so I go to bed
In another thread we also talk about netstat and programs that seems to be connected from scratch to a server.
Mine seems to only get triggered if I open a browser first.
If I reboot then no server is listed. So that feels a bit better than if there was an established connection from scratch. But sure such maybe can be hidden too?
Late at night here so I go to bed
I use Google Search on Puppy Forum
not an ideal solution though
not an ideal solution though
I'm not.Newcrest wrote:Anything would be less invasive than Google who are systematically taking over the internet.nooby wrote:Hahah using Ms Bing or Yahoo instead.
If you are not using AdblockPlus in your browser then are you familiar with the hosts file?
What will this do?Newcrest wrote:Try adding the following to /etc/hosts
It redirects the IP address to never never land.Shep wrote:What will this do?Newcrest wrote:Try adding the following to /etc/hosts
Originally the hosts file was meant to do what DNS servers do but on your local computer. While browser plugins like AdblockPlus are great for browsers they have no affect on other applications. Applications that phone home can often have an option switch to turn that off but they don't always. So using the hosts file is a more global solution and covers all your browsers and internet enabled applications.
http://www.mvps.org/winhelp2002/hosts.htm
So it's a local lookup table. But doesn't that mean that google could easily evade your /etc/hosts stonewalling by having its tattle-tale ware report back to a numeric IP address so no DNS lookup is needed?Newcrest wrote:Originally the hosts file was meant to do what DNS servers do but on your local computer.
Thanks for the info.
EDIT: I put that list into /etc/hosts now FF won't go to any of the "sponsored links" at the top of its search results.