In reply to: > Date: Tue, 8 Jun 2004 23:03:15 -0700 (PDT) > From: larry a price <[EMAIL PROTECTED]> > Subject: [Eug-lug] packet tracing and firefox ... > > the orange box was issuing requests to port 80 of some host out on the > internet, without my intending for it to do so. I eventually satisfied > myself that it was something in firefox, because if I killed firefox it > would stop, and then start once I reloaded that browser and page.. > > Does anyone know what might be up with the host that resolves to > http://steak.burri.to ??? > > And how can i make reasonably sure that it was (as I think) > a bit of javascript or an iFrame Meta tag, and not someone hiding a > trojan that posts my keystrokes to a snarfserver and allows bulgarian > teenagers to buy leather jackets with my bank account.
The steakhouse seems to be local (as not in Bulgaria) ;; ANSWER SECTION: steak.burri.to. 300 IN A 205.201.58.8 OrgName: Luce McQuillin Corporation Address: 5001 Baum Blvd. Suite 630 City: Pittsburgh StateProv: PA NetRange: 205.201.0.0 - 205.201.63.255 Not sure if related, but a long time ago I had snort reporting my machine sending requests to external IPs, port 80 Looking at the details, as far as I remember, Opera sent out requests, probably to refresh some of their banner ad stuff... As kbob said: Use ethereal. ...and let us what kind of 'steak' was requested - Horst _______________________________________________ EUGLUG mailing list [EMAIL PROTECTED] http://www.euglug.org/mailman/listinfo/euglug
