Hi everyone, i havent posted in a long time but i was wondering about this since yesterday. Last nite i received a message from my firewall saying that my windows core kernal is attempting to send a UDP packet to some address. Does anyone know wut the hell is going on? im confused and well i just clicked on deny. But if some one can clear this matter up for me i would appreciate it. ^_^ Thanx

Was this on win95/98/ME or NT win2k?

Not sure if it could be i have never had blackice on a server but could code red do this on win2k if it does not have the patch.. Not sure what it would try to do really.. :)

Oops...i forgot to mention my Os...heh..sorry
I am on windows 98 SE and i was running tiny personal firewall not black ice cuz basically black ice just sux....never warns me on anything but tpf on the other hand does although it gets annoyin....but its very effective in my opinion
plus, its free =) hrmm...so does it mean i could possibly have code red? yes? no? heh..still confused....^_^

I don't think so that must be some thing else.. You can't get Code Red on win98 as far as i know its only NT and win2k as they run IIS.. Not sure man..

heh...oops...boy do i feel stupid...
so as far as u and i kno, we have no idea wut this is hunh?
o wellz...i hope sumone tells me wut is goin on asap...heh ^_^

Originally posted by Ryu91482
Hi everyone, i havent posted in a long time but i was wondering about this since yesterday. Last nite i received a message from my firewall saying that my windows core kernal is attempting to send a UDP packet to some address. Does anyone know wut the hell is going on? im confused and well i just clicked on deny. But if some one can clear this matter up for me i would appreciate it. ^_^ Thanx


What was the destination address of the UDP packet? You can do a traceroute and see where the address lives.

My firewall has caught Windows phoning home to addresses that resolved to activex.microsoft.com and codecs.microsoft.com

Considering that I avoid activex due to the security problems it creates, I found the outbound connection attempts to be odd at best.

Are you trying to say that Microsoft is tapping to people's personal infor? :eek:

Originally posted by Ryu91482
Oops...i forgot to mention my Os...heh..sorry
I am on windows 98 SE and i was running tiny personal firewall not black ice cuz basically black ice just sux....never warns me on anything but tpf on the other hand does although it gets annoyin....but its very effective in my opinion
plus, its free =)

Well, TPF is a firewall and BlackIce is a network intrusion detection system. There's a big difference: a firewall blocks malicious traffic while an intrusion detection system logs all malicious and suspicious traffic.

It may be that BlackIce has a small firewall too, but it is not a firewall itself. Too many people read GRC.com and believe everything Steve Gibson says, including when he talks about BlackIce.

:)

Originally posted by Ryu91482
heh...oops...boy do i feel stupid...
so as far as u and i kno, we have no idea wut this is hunh?
o wellz...i hope sumone tells me wut is goin on asap...heh ^_^ Can you access the logs for your firewall? I know that my firewall warns me if Explorer tries to connect with another part of my system :eek:

Originally posted by Synergy
Are you trying to say that Microsoft is tapping to people's personal infor? :eek:


All I am saying is that I know of no reason why my computer would need to access those two Microsoft sites without my permission. As a result, they are now blocked by my firewall.

hrmm....i see, so blackice is a network intrusion program....no wonder it fails to be a firewall for me....o wellz....unfortuneatly i forgot to set my firewall to log the ip address and i forgot it...sorry guys...heh...i kno that was highly irresponsible and stupid of me. but from wut i am reading...i supposed that wut sum of u are tryin to say to me is microsoft wants to access something from our computers? but my firewall dint detect any access directly into my computer so how can it know to send something to that particular address?