Why is DNS accessing Internet?

Discussion in 'other software & services' started by Judge Dee, Jan 31, 2013.

Thread Status:
Not open for further replies.
  1. Judge Dee

    Judge Dee Guest

    On my wife's Mac, Intego's Traffic Monitor is showing DNS connecting to the Internet, even though no other service or program is doing so.
    It seems to happen a couple times of day for 10 or so minutes.
    I've done 2 full scans for malware.
    Is this normal?
     
  2. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Hi, i see this happen every day too, and have done for several years ! I also havn't been able to track it down completely, but i notice in my FW logs that it's linked to UDP outbound attempts to my ISP's DNS via FF & consequently WSA. PrevxHelp has said more than once when i've queried this, that WSA does Not use UDP. So i presume WSA is just following what FF is attempting to do ?

    I have a feeling these attemtps "could" be one or more of my FF add-ons trying to check for updates etc ? Not all of them can be configured to prompt for permission to do so. One of these is AdBlock Plus, from i can gather anyway. Whenever i manually look for add-on updates, i always see that ADP says "Updates were yesterday" even though i only check every week or so !

    Do you have such add-ons etc ?

    Do you see UDP outbounds in your FW logs ?
     
  3. Judge Dee

    Judge Dee Guest

    Well, I don't see any UDP outbounds in the logs.
    But, she does have Adblock Plus.
    Could be that's what is doing it.
    It would be nice to totally solve the mystery.
    I really appreciate your response, CloneRanger.
     
  4. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    Something must be doing the DNS request.
    Just wondering if its something built in like update service ?

    Cheers, Nick
     
  5. Judge Dee

    Judge Dee Guest

    I think I found it Nick and CloneRanger!
    Looking at macs activity monitor, i found was Eeventmanager doing the accessing.
    A google suggested Eeventmanager was associated with Epson printer, which I removed from her computer.
    No more DNS (for now, at least).
    Since I'm not familiar with Macs, I needed that push, Nick. Thanks.
     
  6. Bodhitree

    Bodhitree Registered Member

    Joined:
    Dec 5, 2012
    Posts:
    567
    All those darned drivers, updaters and other junk.. You know over time they just slow things down, waste bandwidth. When I do is download the printer drive itself, no baggage from the vendor site. Those CD's printers come with are loaded with spyware. The last printer I saw installed somewhere, actually notified them you were low on ink, and kept pulling you to their website to buy new cartridges. To me that is a trojan horse, but I have a loose definition of those I guess.
     
  7. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ Judge Dee

    Glad you were able to track it down, & stop it :)

    @ Bodhitree

    Yeah, all that extra crap vendors like to try & install :thumbd: Not here though :D
     
  8. Judge Dee

    Judge Dee Guest

    Thanks.
    I hope you can do the same.
    I know many people don't care, but I need to know what what's going on "behind my back". Although a madly flashing router when no one is using the computer isn't quite hidden.
     
Loading...
Thread Status:
Not open for further replies.