Protection or invation?

[Ivanbb]

Just came across a nasty piece of work while searching for PC parts on line. The firewall went wild, and started blocking all sorts of connections.

 

Turns out a service called "Markmonitor" (64.124.14.70) was trying to connect to my network. Bit of research and it seems this company, part of Reuters, is monitoring services across the internet for "copyright reasons."

 

But what the hell were they trying to connect to my PC for?

Dabs and PCWorld have nothing to do with copyright!

Anyone else heard of this service?

[dx100uk]

i'd check you've not got a spamming Trojan

 

run combofix

from the bleeping computer site

 

in safe mode with networking.

 

dx

[san_d]

Add that IP address to your host file and it's gone.

[Ivanbb]

It's not a Trojan dx100uk, Least if it is then the script kiddie writing it has a guaranteed job with Sophos! Yes I can bock firewall ports, or use the hosts file, but Your average housewife wouldn't have know anyone was looking at her PC or how to do that. Wasn't Google just recently slapped for doing something similar? Reauter Thompsan seem to be selling a service to promote inspecting PC's while users are browsing. Does anyone know anything about the service they are selling?

[adridude]

I've seen this ALOT. Because of the new 'COOKIES POLICY' where websites have to ASK you if you want to have cookies or not , have started including that bloody irrortatin * (after their clause)... THis is what you have to watch out for, BUT BUT BUT, INHO, I cant think that this is enforceable as there was no * to match it up to at the end of the page. They rely on the fact that you CALL them and then discuss it, then it makes sense.

[adridude]

My advice is:

 

1) MAC OR WINDOWS - CONFIRM BEFORE YOU GET IT - Google is you friend!

 

2) MAC OR WINDOWS: ALWAYS READ COOKY POLICY! SOmetimes they encroach (usually by accident) on your personal data from the original company) - so DELETE COOKIES

3) Don't give ANYONE access to your MAc THIS INCLUDES:

iPhones, iPads and iMacs.

To-date they dall collaborate and share documents,...

 

I hope this helps from a mac user perspective. From here I can only deal with scemarios n whatever

[Ivanbb]

Thats Q.I. I'll watch for that next time I'm browsing. Crazy ... It seems reasonable if you connect to a server that YOUR computer identifies itself, but it can't be reasonable that the server collects information you don't wish to divulge.... let alone a completely different server. I thought that was part and parcel with the new cookie law. Thanks for the info

[adridude]

Usually it seems 'innocent'. Cookies can hold quite a bit of information, sucha s your browsing history or your search patters.

 

have you seen on FaceBook that whenyou log on that if any advertising flashes up on the sidebars, its usually in relation to what you've searched for or what kind of site you've been to?

 

On another note, I've thought, if it is a Trojan or AdWare, then you should give your computer an enema (as to put it) lol

 

There's loads of cleansing programs out there. one i use with my clients and personally on windows machines is called "Spyware Seek and Destroy" or "Spyware S+D". I know it sounds like a childs game, but its very efficient and best of all, FREE!

[adridude]

Just looking at it myself, they fire up a port 113 connection which is called an IDENT connection.

 

Older computers/systems/servers used to have an IDENT server running whicvh gave some information away. Just ignore it, it's nothing interesting