Jump to content

Website blocking - tracking the cause of blocked spontaneous attempts to connect to websites

tommytiko
 Share

Recommended Posts

tommytiko

tommytiko

Posted
Posted

I am not sure that I understand what is going on when there is incoming connection that is blocked. Enlightenment would be appreciated. My windows firewall is enabled.

So far as outgoing connections are concerned, I get a number of blocked 'outgoing' connections that my computer spontaneously has attempted to make to places such as Islamabad, Moldova and the Ukraine, where I have no business. I have copied a log below. I should like to have control over outgoing information the sending of which might be prompted by spyware, but all 3rd party firewalls that I have tried out interfere too much with the running of my system. The feature in MBAM that appears to block such connections, at least to known bad sites, is of great interest.

Is there any way to track down what program on my computer is attempting to make the outgoing connections? Could such a function be added to MBAM?

I seem to recall that there was monitoring of outgoing connections in terms of the program making the connection in Online Armor, but something in Online Armor was causing blue screens, so I had to abandon it.

00:29:37 Tom IP-BLOCK 91.203.146.58 (Type: outgoing)

00:29:40 Tom IP-BLOCK 91.203.146.58 (Type: outgoing)

00:29:47 Tom IP-BLOCK 91.203.146.58 (Type: outgoing)

00:33:48 Tom IP-BLOCK 212.117.161.66 (Type: outgoing)

00:33:51 Tom IP-BLOCK 212.117.161.66 (Type: outgoing)

00:33:57 Tom IP-BLOCK 212.117.161.66 (Type: outgoing)

14:19:29 Tom IP-BLOCK 89.28.110.154 (Type: outgoing)

14:19:31 Tom IP-BLOCK 89.28.110.154 (Type: outgoing)

14:19:35 Tom IP-BLOCK 89.28.110.154 (Type: outgoing)

Link to post
Share on other sites
tommytiko

tommytiko

Posted
  • Author
Posted

Hi John A,

Thanks for that.

I suppose that there is not much incentive for MBAMprovide a means to identify the program that is attempting to make a connection to a malicious site if it already does so for more modern operating systems, but since I am not about to rush into rebuilding my XP system, I wonder whether there is some way of tracking it down, perhaps through using some other application that will monitor what applications attempt to make connections. I have tried to find such an application, but have never found one except the rather basic functionality in that behalf in Online Armor, which caused crash/bsod problems.

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

There is also WireShark but it's not an easy program for many to decipher the output.

You could also install a firewall product that monitors both incoming and outgoing ports as the one on XP only monitors incoming but does not log it very well like full firewall products do.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.