Should I worry about this?

Discussion in 'malware problems & news' started by tgell, Feb 1, 2006.

Thread Status:
Not open for further replies.
  1. tgell

    tgell Registered Member

    Joined:
    Nov 12, 2004
    Posts:
    1,076
    I recently installed filescab firewall on an old windows 98 machine. Yesterday I stopped an outbound system connection (not application) to 38.116.160.81. Using whois, I traced the IP to a company called "Performance Systems International Inc. COGENT-NB-0002". I did a kaspersky online scan and also a scan using antivir. Nothing was detected. Has anybody heard about these guys?

    Thanks
     
  2. StevieO

    StevieO Guest

    Well that's very curious as i have had quite a few inbounds from PSI in the last few weeks, along with a whole host of others you might raise your eyebrows at as i have ! In the course of doing a whois on a lot of the other inbounds, i discovered PSI. If you take a look at this thread you'll see the kind of Very interesting inbounds i'm getting daily.

    https://www.wilderssecurity.com/showthread.php?t=115870

    Google says Sorry, no information is available for the URL 38.116.160.81 But provides this info when typing in Performance Systems International Inc. Provides internet access, services and products, including dedicated and dial-up internet connectivity, corporate intranets, web hosting and collocation

    But if you put http://38.116.160.81 directly into your browser you get to here.

    http://img217.imageshack.us/img217/9528/tinypc13ft.png

    A bit strange if a whois gives us PS! ? PSI are located in VA Virginia USA, and some of the inbounds i've been getting from some of "Those" others are also in VA. After reading my thread above we might come to the conclusion that it's all some kind of coincidence, and in the PSI's inbounds case it maybe. But your outbound begs lots of questions, as do All my Very Interesting inbounds lately !


    StevieO
     
  3. tgell

    tgell Registered Member

    Joined:
    Nov 12, 2004
    Posts:
    1,076
    Thanks for the info. Very interesting. Makes me wonder about BIG BROTHER.
     
  4. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    OrgName: Performance Systems International Inc.
    OrgID: PSI
    Address: 1015 31st St NW
    City: Washington
    StateProv: DC
    PostalCode: 20007
    Country: US

    NetRange: 38.0.0.0 - 38.255.255.255
    CIDR: 38.0.0.0/8
    NetName: PSINETA
    NetHandle: NET-38-0-0-0-1
    Parent:
    NetType: Direct Allocation
    NameServer: NS.PSI.NET
    NameServer: NS2.PSI.NET
    Comment: Reassignment information for this block can be found at
    Comment: rwhois.cogentco.com 4321
    RegDate: 1991-04-16
    Updated: 2005-10-05

    RTechHandle: PSI-NISC-ARIN
    RTechName: IP Allocation
    RTechPhone: +1-877-875-4311
    RTechEmail: ipalloc@cogentco.com

    OrgAbuseHandle: COGEN-ARIN
    OrgAbuseName: Cogent Abuse
    OrgAbusePhone: +1-877-875-4311
    OrgAbuseEmail: abuse@cogentco.com

    OrgNOCHandle: ZC108-ARIN
    OrgNOCName: Cogent Communications
    OrgNOCPhone: +1-877-875-4311
    OrgNOCEmail: noc@cogentco.com

    OrgTechHandle: IPALL-ARIN
    OrgTechName: IP Allocation
    OrgTechPhone: +1-877-875-4311
    OrgTechEmail: ipalloc@cogentco.com

    OrgName: Performance Systems International Inc.
    OrgID: PSI
    Address: 1015 31st St NW
    City: Washington
    StateProv: DC
    PostalCode: 20007
    Country: US

    NetRange: 38.112.0.0 - 38.119.255.255
    CIDR: 38.112.0.0/13
    NetName: COGENT-NB-0002
    NetHandle: NET-38-112-0-0-1
    Parent: NET-38-0-0-0-1
    NetType: Reallocated
    NameServer: AUTH1.DNS.COGENTCO.COM
    NameServer: AUTH2.DNS.COGENTCO.COM
    Comment: ReferralServer: rwhois://rwhois.cogentco.com:4321/
    RegDate: 2003-08-20
    Updated: 2004-03-11

    OrgAbuseHandle: COGEN-ARIN
    OrgAbuseName: Cogent Abuse
    OrgAbusePhone: +1-877-875-4311
    OrgAbuseEmail: abuse@cogentco.com

    OrgNOCHandle: ZC108-ARIN
    OrgNOCName: Cogent Communications
    OrgNOCPhone: +1-877-875-4311
    OrgNOCEmail: noc@cogentco.com

    OrgTechHandle: IPALL-ARIN
    OrgTechName: IP Allocation
    OrgTechPhone: +1-877-875-4311
    OrgTechEmail: ipalloc@cogentco.com

    # ARIN WHOIS database, last updated 2006-01-31 19:10
    # Enter ? for additional hints on searching ARIN's WHOIS databa
     
Loading...
Thread Status:
Not open for further replies.