[Techtalk] Port question
mgmonza at sdf.lonestar.org
mgmonza at sdf.lonestar.org
Thu Oct 30 01:30:38 UTC 2014
On Wed, 29 Oct 2014, James Sutherland wrote:
>
> On Wed, Oct 29, 2014, at 04:51 AM, mgmonza at sdf.lonestar.org wrote:
>> Hi, all,
>><<
>> A representative set of lines from iftop look like this:
>> (none of these ip addresses is mine)
>>
>> none.local:35930 => iad23s07-in-f1.1e100.net:www 0b
>> none.local:43850 => yk-in-f101.1e100.net:www 0b
>> none.local:33935 => 67.220.127.199:https 0b
>
> Those are all *outgoing* connections: you connected to ports 80 ("www")
> and 443 ("https") of those machines.
>
> 1e100 is a very large number known as a Googol, and 1e100.net is the
> domain Google uses for all their back-end systems. So, those first two
> entries are connections from your machine to Google's web servers:
> nothing suspicious about that.
>>snip<<
>
> The third entry, 67.220.127.199, is the North Carolina State Library.
> (snip)
>
>> Now I'm really depressed - looks like it may be worse than I
>> thought.
>
> Don't be depressed: all these entries indicate is that you use a Google
> web service and were doing something on the NC State Library system!
>
Thanks, James - all good and useful info. I thought someone had 'zombied'
my computer and was using it to connect out. It's a major relief to know
that's not the case, still a minor letdown to know my attempts to
de-googlefy all my browsers haven't quite succeeded.
I checked /etc/resolv.conf and /etc/hosts (just for grins); NCState's is
not in either, although SDF's DNSs are still in resolv.conf as backup.
One of the pages from the ixquick search must have accessed NCSU.
I know all this is at a woefully elementary level. Thanks again for the
information and the reassurance.
MG
More information about the Techtalk
mailing list