#22728 [NEW]: php.exe attempts to contact the web

Sat, 15 Mar 2003 05:54:08 -0800 

From:             ChristianMoore at attbi dot com
Operating system: Windows .NET Server 2003 AdvSrv
PHP version:      4.3.0
PHP Bug Type:     Unknown/Other Function
Bug description:  php.exe attempts to contact the web

I use PHP on my site at www.psychosematic.com.  For some reason, php.exe is
trying to access the web, and it has nothing to do with my site.

My firewall logged these actions, performed by php.exe:

File Version :          
File Description :      C:\php\php.exe
File Path :             C:\php\php.exe
Process ID :            283C (Heximal) 10300 (Decimal)

Connection origin :     local initiated
Protocol :              TCP
Local Address :         192.168.1.100
Local Port :            3216 
Remote Name :           www.ironmaiden.com
Remote Address :        213.86.54.15
Remote Port :           80 (HTTP - World Wide Web)

Ethernet packet details:
Ethernet II (Packet Length: 62)
        Destination:    00-04-5a-e9-5a-17
        Source:         00-03-6d-11-12-fc
Type: IP (0x0800)
Internet Protocol
        Version: 4
        Header Length: 20 bytes
        Flags:
                .1.. = Don't fragment: Set
                ..0. = More fragments: Not set
        Fragment offset:0
        Time to live: 64
        Protocol: 0x6 (TCP - Transmission Control Protocol)
        Header checksum: 0x1d7b (Correct)
        Source: 192.168.1.100
        Destination: 213.86.54.15
Transmission Control Protocol (TCP)
        Source port: 3216
        Destination port: 80
        Sequence number: 3479013436
        Acknowledgment number: 0
        Header length: 28
        Flags: 
                0... .... = Congestion Window Reduce (CWR): Not set
                .0.. .... = ECN-Echo: Not set
                ..0. .... = Urgent: Not set
                ...0 .... = Acknowledgment: Not set
                .... 0... = Push: Not set
                .... .0.. = Reset: Not set
                .... ..1. = Syn: Set
                .... ...0 = Fin: Not set
        Checksum: 0x3311 (Correct)
        Data (0 Bytes)

Binary dump of the packet:
0000:  00 04 5A E9 5A 17 00 03 : 6D 11 12 FC 08 00 45 00 |
..Z.Z...m.....E.
0010:  00 30 F2 38 40 00 40 06 : 7B 1D C0 A8 01 64 D5 56 |
[EMAIL PROTECTED]@.{....d.V
0020:  36 0F 0C 90 00 50 CF 5D : 88 3C 00 00 00 00 70 02 |
6....P.].<....p.
0030:  40 00 11 33 00 00 02 04 : 05 B4 01 01 04 02       | @..3.......... 



File Version :          
File Description :      C:\php\php.exe
File Path :             C:\php\php.exe
Process ID :            2B40 (Heximal) 11072 (Decimal)

Connection origin :     local initiated
Protocol :              TCP
Local Address :         192.168.1.100
Local Port :            3256 
Remote Name :           www.aimoo.com
Remote Address :        216.38.143.13
Remote Port :           80 (HTTP - World Wide Web)

Ethernet packet details:
Ethernet II (Packet Length: 62)
        Destination:    00-04-5a-e9-5a-17
        Source:         00-03-6d-11-12-fc
Type: IP (0x0800)
Internet Protocol
        Version: 4
        Header Length: 20 bytes
        Flags:
                .1.. = Don't fragment: Set
                ..0. = More fragments: Not set
        Fragment offset:0
        Time to live: 64
        Protocol: 0x6 (TCP - Transmission Control Protocol)
        Header checksum: 0x8014 (Correct)
        Source: 192.168.1.100
        Destination: 216.38.143.13
Transmission Control Protocol (TCP)
        Source port: 3256
        Destination port: 80
        Sequence number: 74775255
        Acknowledgment number: 0
        Header length: 28
        Flags: 
                0... .... = Congestion Window Reduce (CWR): Not set
                .0.. .... = ECN-Echo: Not set
                ..0. .... = Urgent: Not set
                ...0 .... = Acknowledgment: Not set
                .... 0... = Push: Not set
                .... .0.. = Reset: Not set
                .... ..1. = Syn: Set
                .... ...0 = Fin: Not set
        Checksum: 0x8b0d (Correct)
        Data (0 Bytes)

Binary dump of the packet:
0000:  00 04 5A E9 5A 17 00 03 : 6D 11 12 FC 08 00 45 00 |
..Z.Z...m.....E.
0010:  00 30 FD 07 40 00 40 06 : 14 80 C0 A8 01 64 D8 26 |
[EMAIL PROTECTED]@......d.&
0020:  8F 0D 0C B8 00 50 04 74 : FA D7 00 00 00 00 70 02 |
.....P.t......p.
0030:  40 00 0D 8B 00 00 02 04 : 05 B4 01 01 04 02       | @............. 


-- 
Edit bug report at http://bugs.php.net/?id=22728&edit=1
-- 
Try a CVS snapshot:         http://bugs.php.net/fix.php?id=22728&r=trysnapshot
Fixed in CVS:               http://bugs.php.net/fix.php?id=22728&r=fixedcvs
Fixed in release:           http://bugs.php.net/fix.php?id=22728&r=alreadyfixed
Need backtrace:             http://bugs.php.net/fix.php?id=22728&r=needtrace
Try newer version:          http://bugs.php.net/fix.php?id=22728&r=oldversion
Not developer issue:        http://bugs.php.net/fix.php?id=22728&r=support
Expected behavior:          http://bugs.php.net/fix.php?id=22728&r=notwrong
Not enough info:            http://bugs.php.net/fix.php?id=22728&r=notenoughinfo
Submitted twice:            http://bugs.php.net/fix.php?id=22728&r=submittedtwice
register_globals:           http://bugs.php.net/fix.php?id=22728&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=22728&r=php3
Daylight Savings:           http://bugs.php.net/fix.php?id=22728&r=dst
IIS Stability:              http://bugs.php.net/fix.php?id=22728&r=isapi
Install GNU Sed:            http://bugs.php.net/fix.php?id=22728&r=gnused

Reply via email to