Terminally Incoherent

Utterly random, incoherent and disjointed rants and ramblings...

Saturday, March 25, 2006

б^H tries to connect to the internet

Today I have found bunch of interesting entries in my firewall log. Apparently an application named б^H was trying to access the internet at various times. Now, I don't know about you - but if I see a weird sting like that I get suspicious. So I started digging.

From the logs I figured that this thing was trying to do DNS lookups (all the hits were aiming at port 53 on the remote hosts). This is not unusuall - any piece of mallware could be doing this... But, since my anti-virus and spybot scans that run just this morning did not find anything, I started looking for legit apps that could generate port 53 traffic.

I spotted my DynDNS Updater icon in the taskbar which was red (to indicate failure to update). I did a few quick tests, enabling and disabling the rule for my mysterious application and I got it. It was the damn DynDNS updater!

Question is, why the hell does it show up in my logs as б^H? Why haven't I noticed this before? And what the hell were they thinking?

0 Comments:

Post a Comment

Links to this post:

Create a Link

<< Home