I noticed that there was a lot of TCP traffic immediately after I opened The Bat!. I closed it then re-opened it, but it did not happen again.
So I rebooted, then started a packet-capture program THEN started up The Bat!. Sure enough, there was then outbound traffic. What I saw was not harmful. Bat was going through all the registered DNS addresses and asking about Name: csc3-2004-crl.verisign.com Then Bat! went to Verisign and asked a few things and got back a long encrypted list. : GET /CSC3-2004.crl HTTP/1.1 Accept: */* User-Agent: CryptRetrieveObjectByUrl::InetSchemeProvider Host: csc3-2004-crl.verisign.com Connection: Keep-Alive Cache-Control: no-cache HTTP/1.0 200 OK Date: Sat, 25 Jun 2005 10:39:52 GMT Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) Last-Modified: Sat, 25 Jun 2005 10:00:25 GMT ETag: "7355-3ae3-42bd2b39" Accept-Ranges: bytes Content-Length: 15075 Content-Type: application/pkix-crl X-Cache: MISS from idn10-wceast Age: 608 X-Cache: HIT from idn3-wceast Connection: keep-alive 0:ß09Ç0 ..*H÷ .....0´1.0...U....US1.0...U. ..VeriSign, Inc.1.0...U....VeriSign Trust Network1;09..U...2Terms of use at https://www.verisign.com/rpa (c)041.0,..U...%VeriSign Class 3 Code Signing 2004 CA. ...............and so on ******************************************************************* So, can anyone tell me what was being acquired and why? -- Thanks for the help ... Robert D. _________________________ The Bat! Version: 3.5.25 Windows ME FireFox ________________________________________________________ http://www.silverstones.com/thebat/TBUDLInfo.html
