ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

How to prove which Firefox add-on is trying to access 128.127.110.10 ?

<< < (2/4) > >>

IainB:
Presumably the outgoing call was up to no good - 128.127.110.10 is on the MWB blacklist, for example, and when you google it, it is not a good look.
If that is true, then it raises concerns about what sort of trojans etc. developers might be building into their add-ons.
Made me even more cautious anyway.

IainB:
Maybe what we need is a security auditing add-on to audit the installed add-ons...    :huh:

40hz:
Maybe what we need is a security auditing add-on to audit the installed add-ons...    :huh:
-IainB (July 06, 2012, 08:23 AM)
--- End quote ---

It would be too easy to get around. As it stands, the binary "salami chop" (love that!) method suggested by Carol and 4wd is still your best bet. Don't be surprised if it turns out not to be caused by an add-on however. I've seen some incredibly subtle and clever bugs that install in drive-by fashion if you so much as land on the wrong website. A few of them even got by fully updated antimalware products and weren't caught by them until much later. It's a jungle out there.

FWIW there used to be an old MacOS (not OSX) app called Conflict Catcher that diagnosed startup extension problems by doing the exact same thing Carol suggested, albeit in a semi-automated fashion. It would disable half your extensions and then reboot and ask if everything looked ok. It would then repeat the process in binary tree fashion until it found the culprit. It was an extremely useful and popular (i.e. widely bootlegged :mrgreen:) app. Almost every Mac I ever saw had a copy installed.

 8)


Carol Haynes:
Not sure about MWB web blocking - I get constant pops whenever I use a torrent client and have to disable the scanner. Seems more a nuisance than a help - just ramps up the paranoia!

Curt:
128.127.110.10 seems to be an IP address in Denmark. -IainB (July 06, 2012, 05:19 AM)
--- End quote ---

Servers in Netherlands and United Kingdom (Isle Of Man), office in Sweden
- but not Denmark.

inetnum:         128.127.110.0 - 128.127.111.255
netname:         AS51430-NL
descr:           AltusHost Inc.
remarks:         AW-INFRA
country:         NL
admin-c:         AHN-RIPE
tech-c:          AHN-RIPE
status:          ASSIGNED PA
mnt-by:          ALTUSHOST-MNT
mnt-by:          ALTUSHOST-MNT
mnt-lower:       ALTUSHOST-MNT
mnt-routes:      ALTUSHOST-MNT
source:          RIPE # Filtered

role:            AltusHost - Contact Role
address:         ALTUSHOST INC.
address:         Artillerigatan 6
address:         SE-114 51 Stockholm
address:         Sweden
phone:           +46.852506060
fax-no:          +46.844680015
abuse-mailbox:   Search for this email address
--- End quote ---

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version