topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Tuesday December 10, 2024, 10:51 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Unknown packet  (Read 4249 times)

rgdot

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 2,193
    • View Profile
    • Donate to Member
Unknown packet
« on: April 06, 2017, 09:28 AM »
Hope someone here can help decipher something, I randomly ran Nirsoft's smartsniff on this laptop I am now, just as a security measure of sorts to check it. One of the captured packets is odd, to me at least.

Code: Text [Select]
  1. ==================================================
  2. Index             : 1
  3. Protocol          : TCP
  4. Local Address     : 192.168.0.126
  5. Remote Address    : 90.181.227.232
  6. Local Port        : 50321
  7. Remote Port       : 443
  8. Local Host        :
  9. Remote Host       :
  10. Service Name      : https
  11. Packets           : 2
  12. Data Size         : 1 Bytes
  13. Total Size        : 134 Bytes
  14. Data Speed        : 0.0 KB/Sec
  15. Capture Time      : 2017-04-04 11:33:30 AM:061
  16. Last Packet Time  : 2017-04-04 11:33:30 AM:279
  17. Duration          : 00:00:00.218
  18. Local MAC Address :
  19. Remote MAC Address:
  20. Local IP Country  :
  21. Remote IP Country :
  22. ==================================================
  23.  
  24. 00000000  00

Just that 00000000 00 randomly once in a while when I leave smartsniff running, to that IP or others that my look up says "Organization: O2 Czech Republic iol.cz"

Any thoughts?

mwb1100

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,645
    • View Profile
    • Donate to Member
Re: Unknown packet
« Reply #1 on: April 06, 2017, 01:37 PM »
A reverse DNS on 90.181.227.232 resolves to a site in the nos-avg.cz domain.

That has something to do with AVG (the antivirus company).  You might want to ask them about it, or try turning off any automatic update functionality for a while and see if it stops.

rgdot

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 2,193
    • View Profile
    • Donate to Member
Re: Unknown packet
« Reply #2 on: April 06, 2017, 01:59 PM »
The site I used didn't show the avg domain, only iol.cz. Wasted my time and yours :( Thanks. Will deal with the blocking (or not blocking)
 Incidentally Avast is installed and this reminds me Avast bought AVG a while back...

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,885
    • View Profile
    • Donate to Member
Re: Unknown packet
« Reply #3 on: April 06, 2017, 03:08 PM »
Yup, he's right...AVG.

From a handy little FF add-on that I use for tracing customer IP addresses, at work.

Screenshot - 4_6_2017 , 4_04_05 PM.png

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,885
    • View Profile
    • Donate to Member
Re: Unknown packet
« Reply #4 on: April 06, 2017, 03:24 PM »
It could possibly be related to a browser security add-on.

https://support.avg....d=906b0000000DPSPAA4

rgdot

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 2,193
    • View Profile
    • Donate to Member
Re: Unknown packet
« Reply #5 on: April 06, 2017, 04:57 PM »
Thanks app, I should have done more before asking  :-[