Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-Disclosure] Re: Strange connection from google desktop search

from [Steve R] Network Security [Permanent Link]
Subject: [Full-Disclosure] Re: Strange connection from google desktop search
Date: Sun, 6 Mar 2005 05:06:34 +0000 (GMT) 
--- RandallM <randallm@fidmail.com> wrote:

The following established connection was noticed:
 TCP    xxx.xxx.x.xx:2869      64.233.187.104:80    
 ESTABLISHED     2824

Process viewer reported it to be:
Googledesktop.exe

SamSpade says:

03/05/05 21:54:31 whois  64.233.187.104
I don't recognise any domain in 187.104, trying
internic

whois -h whois.internic.net 187.104 ...

Whois Server Version 1.3

Domain names in the .com and .net domains can now be
registered
with many different competing registrars. Go to
http://www.internic.net
for detailed information.

No match for "187.104".

03/05/05 22:07:21 finger @ 64.233.187.104
finger @ 64.233.187.104 failed, no such host

03/05/05 22:07:47 dns  64.233.187.104
No DNS for this address
(host doesn't exist)


FYI,

Output from ARIN WHOIS
Search results for: 64.233.187.104

OrgName:    Google Inc. 
OrgID:      GOGL
Address:    2400 E. Bayshore Parkway
City:       Mountain View
StateProv:  CA
PostalCode: 94043
Country:    US

NetRange:   64.233.160.0 - 64.233.191.255 
CIDR:       64.233.160.0/19 
NetName:    GOOGLE
NetHandle:  NET-64-233-160-0-1
Parent:     NET-64-0-0-0-0
NetType:    Direct Allocation
NameServer: NS1.GOOGLE.COM
NameServer: NS2.GOOGLE.COM
Comment:    
RegDate:    2003-08-18
Updated:    2004-03-05

TechHandle: ZG39-ARIN
TechName:   Google Inc. 
TechPhone:  +1-650-318-0200
TechEmail:  arin-contact@google.com 

OrgTechHandle: ZG39-ARIN
OrgTechName:   Google Inc. 
OrgTechPhone:  +1-650-318-0200
OrgTechEmail:  arin-contact@google.com

# ARIN WHOIS database, last updated 2005-03-05 19:10
# Enter ? for additional hints on searching ARIN's
WHOIS database.


Send instant messages to your online friends http://uk.messenger.yahoo.com 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Full-Disclosure] Re: Strange connection from google desktop search, Steve R <=
Previous by Date:  Re: [Full-Disclosure] Strange connection from google desktop search, Rev. Kronovohr
Next by Date:  Re: [Full-Disclosure] Strange connection from google desktop search, Ron DuFresne
Previous by Thread:  [Full-Disclosure] Strange connection from google desktop search, RandallM
Next by Thread:  [Full-Disclosure] [ GLSA 200503-12 ] Hashcash: Format string vulnerability, Thierry Carrez
Indexes:  [Date] [Thread] [Top] [All Lists]