packets content.

Discussion in 'LnS English Forum' started by solarpowered candle, Sep 9, 2004.

Thread Status:
Not open for further replies.
  1. solarpowered candle

    solarpowered candle Registered Member

    I looked into a packet from my log after watching for a few days constant logging of a particular source address. In the data it says:
    " 0000:04 00 28 00 10 00 00 00 ..(....
    0008:00 00 00 00 00 00 00 00 ........
    0010:00 00 00 00 00 00 00 00 ........
    0018:F8 91 7B 5A 00 FF D0 11 ø‘{Z.ÿÐ
    0020:A9 B2 00 C0 4F B6 E6 FC ©².ÀO¶æü
    0028:FA 40 B9 E2 7B A0 8D F5 ú@¹â{ õ
    0030:3D 47 10 61 9E 54 28 A3 =GažT(£
    0038:00 00 00 00 01 00 00 00 ........
    0040:00 00 00 00 00 00 FF FF ......ÿÿ
    0048:FF FF 29 01 00 00 00 00 ÿÿ).....
    0050:08 00 00 00 00 00 00 00 ........
    0058:08 00 00 00 57 69 6E 64 ....Wind
    0060:6F 77 73 00 08 00 00 00 ows.....
    0068:00 00 00 00 08 00 00 00 ........
    0070:49 6E 66 65 63 74 65 00 Infecte.
    0078:F5 00 00 00 00 00 00 00 õ.......
    0080:F5 00 00 00 4D 69 63 72 õ...Micr
    0088:6F 73 6F 66 74 20 57 61 osoft Wa
    0090:72 6E 69 6E 67 21 20 20 rning!
    0098:59 6F 75 72 20 63 6F 6D Your com
    00A0:70 75 74 65 72 20 69 73 puter is
    00A8:20 69 6E 66 65 63 74 65 infecte
    00B0:64 20 77 69 74 68 20 73 d with s
    00B8:6F 66 74 77 61 72 65 20 oftware
    00C0:74 68 61 74 20 6E 6F 72 that nor
    00C8:6D 61 6C 20 56 49 52 55 mal VIRU
    00D0:53 0D 0A 70 61 63 6B 61 S..packa
    00D8:67 65 73 20 63 61 6E 6E ges cann
    00E0:6F 74 20 72 65 6D 6F 76 ot remov
    00E8:65 2E 20 20 54 68 65 79 e. They
    00F0:20 6D 6F 6E 69 74 6F 72 monitor
    00F8:20 79 6F 75 72 20 69 6E your in
    0100:74 65 72 6E 65 74 20 74 ternet t
    0108:72 61 66 66 69 63 20 61 raffic a
    0110:6E 64 20 69 73 20 61 20 nd is a
    0118:0D 0A 76 69 6F 6C 61 74 ..violat
    0120:69 6F 6E 20 6F 66 20 79 ion of y
    0128:6F 75 72 20 70 72 69 76 our priv
    0130:61 63 79 2E 20 20 50 6C acy. Pl
    0138:65 61 73 65 20 76 69 73 ease vis
    0140:69 74 20 74 68 65 20 6C it the l
    0148:69 6E 6B 20 62 65 6C 6F ink belo
    0150:77 20 66 6F 72 20 72 65 w for re
    0158:70 61 69 72 3A 0D 0A 0D pair:...
    0160:0A 77 77 77 2E 58 70 56 www.XpV
    0168:69 72 75 73 43 6C 65 61 irusClea
    0170:00 00 00 00 00 00 00 00 ........
    0178:00 .

    Anyone else experiencing similar?
     
  2. SvS

    SvS Security Expert

    You omitted the destination/target port info, but this looks like Messenger Service spam.
     
  3. gkweb

    gkweb Expert Firewall Tester

    Hi,

    Yes, that definitely looks like spam/advertising.
    If you did not have a firewall, this message would have been displayed on your desktop trying to scare you.
    Look'n'Stop has blocked it, but you can nevertheless see the message thanks to the information it displays.

    regards,

    gkweb.
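
An added example, not part of the original posts: a Python sketch that rebuilds a payload from firewall-log dump lines in the format posted above, checks whether it is a connectionless DCE/RPC call to the Windows Messenger service interface, and pulls out the readable text. The names `parse_dump`, `triage` and `SAMPLE` are hypothetical, and the Messenger interface UUID is a known value that the thread itself does not state.

```python
import re
import uuid

# Interface UUID of the Windows Messenger service RPC interface (known value,
# not stated in the thread).
MESSENGER_IF = uuid.UUID("5a7b91f8-ff00-11d0-a9b2-00c04fb6e6fc")

# Excerpt of the dump posted above (offsets 0x00-0x27 and 0x80-0xAF); the
# text column is left off the lines where it is not plain ASCII.
SAMPLE = """\
0000:04 00 28 00 10 00 00 00 ..(....
0008:00 00 00 00 00 00 00 00 ........
0010:00 00 00 00 00 00 00 00 ........
0018:F8 91 7B 5A 00 FF D0 11
0020:A9 B2 00 C0 4F B6 E6 FC
0080:F5 00 00 00 4D 69 63 72
0088:6F 73 6F 66 74 20 57 61 osoft Wa
0090:72 6E 69 6E 67 21 20 20 rning!
0098:59 6F 75 72 20 63 6F 6D Your com
00A0:70 75 74 65 72 20 69 73 puter is
00A8:20 69 6E 66 65 63 74 65 infecte
"""

# Four-digit hex offset, colon, then at most 8 hex bytes; the trailing text
# column is never read, so text that looks like hex cannot leak into the data.
LINE = re.compile(r"^\s*([0-9A-Fa-f]{4}):((?: ?[0-9A-Fa-f]{2}\b){1,8})")

def parse_dump(text):
    """Rebuild the payload from 'OFFS:hh hh ...' lines; gaps are zero-filled."""
    buf = bytearray()
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        off, data = int(m.group(1), 16), bytes.fromhex(m.group(2))
        buf.extend(bytes(max(0, off + len(data) - len(buf))))
        buf[off:off + len(data)] = data
    return bytes(buf)

def triage(payload):
    """Return (is_messenger_rpc, printable ASCII strings of 4+ characters)."""
    # Connectionless DCE/RPC header: version byte 0x04 at offset 0, data
    # representation at offset 4 (high nibble 1 = little-endian integers),
    # interface UUID at offsets 24-39.
    iface = None
    if len(payload) >= 40 and payload[0] == 4:
        raw = payload[24:40]
        iface = uuid.UUID(bytes_le=raw) if payload[4] >> 4 else uuid.UUID(bytes=raw)
    strings = [s.decode("ascii") for s in re.findall(rb"[\x20-\x7e]{4,}", payload)]
    return iface == MESSENGER_IF, strings
```
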
     