|
 |
|
 |
07-08-2003, 06:25 PM
|
#1 (permalink)
|
|
Code Monkey
Join Date: Jul 2003
Posts: 88
|
dll authentication
Now I need al ittle help with the DLL protection features. I will post several reports I got from my firewall and please tell me which I should let access the net and which dll's I shouldn't let access the net. Thank you all for your help.
I am running Win2000 pro on this comp.
Here is the first one:
#The new DLLs have been loaded:
C:\WINDOWS\SYSTEM32\drmclien.dll
To disable DLL Authentication go to the security tab under the Tools, Options menu.
File Version : 6.00.2800.1106
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 11C (Heximal) 284 (Decimal)
Connection origin : local initiated
Protocol : TCP
Local Address :
Local Port : 1359
Remote Name :
Remote Address : 24.69.255.209
Remote Port : 8080 (HTTP-ALT - HTTP Alternate (see port 80))
Ethernet packet details:
Ethernet II (Packet Length: 62)
Destination: 00-00-77-94-7f-81
Source: 00-c0-26-c0-c7-61
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0xd8d5 (Correct)
Source:
Destination: 24.69.255.209
Transmission Control Protocol (TCP)
Source port: 1359
Destination port: 8080
Sequence number: 1881323719
Acknowledgment number: 0
Header length: 28
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
Checksum: 0x96e5 (Correct)
Data (0 Bytes)
Binary dump of the packet:
0000: 00 00 77 94 7F 81 00 C0 : 26 C0 C7 61 08 00 45 00 | ..w.....&..a..E.
0010: 00 30 15 30 40 00 80 06 : D5 D8 18 57 DF 51 18 45 | .0.0@......W.Q.E
0020: FF D1 05 4F 1F 90 70 22 : B8 C7 00 00 00 00 70 02 | ...O..p"......p.
0030: 40 00 E5 96 00 00 02 04 : 05 B4 01 01 04 02 | @.............
|
|
|
|
07-08-2003, 06:26 PM
|
#2 (permalink)
|
|
Code Monkey
Join Date: Jul 2003
Posts: 88
|
Report 2
#The new DLLs have been loaded:
C:\WINDOWS\SYSTEM32\strmdll.dll
C:\WINDOWS\SYSTEM32\drmclien.dll
To disable DLL Authentication go to the security tab under the Tools, Options menu.
File Version : 6.00.2800.1106
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 11C (Heximal) 284 (Decimal)
Connection origin : local initiated
Protocol : TCP
Local Address :
Local Port : 1382
Remote Name :
Remote Address : 24.69.255.229
Remote Port : 8080 (HTTP-ALT - HTTP Alternate (see port 80))
Ethernet packet details:
Ethernet II (Packet Length: 62)
Destination: 00-00-77-94-7f-81
Source: 00-c0-26-c0-c7-61
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0x4cd5 (Correct)
Source:
Destination: 24.69.255.229
Transmission Control Protocol (TCP)
Source port: 1382
Destination port: 8080
Sequence number: 2032526928
Acknowledgment number: 0
Header length: 28
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
Checksum: 0xdfae (Correct)
Data (0 Bytes)
Binary dump of the packet:
0000: 00 00 77 94 7F 81 00 C0 : 26 C0 C7 61 08 00 45 00 | ..w.....&..a..E.
0010: 00 30 15 A8 40 00 80 06 : D5 4C 18 57 DF 51 18 45 | .0..@....L.W.Q.E
0020: FF E5 05 66 1F 90 79 25 : E6 50 00 00 00 00 70 02 | ...f..y%.P....p.
0030: 40 00 AE DF 00 00 02 04 : 05 B4 01 01 04 02 | @.............
|
|
|
|
|
07-08-2003, 06:28 PM
|
#3 (permalink)
|
|
Code Monkey
Join Date: Jul 2003
Posts: 88
|
#The new DLLs have been loaded:
C:\WINDOWS\SYSTEM32\strmdll.dll
C:\WINDOWS\SYSTEM32\drmclien.dll
To disable DLL Authentication go to the security tab under the Tools, Options menu.
File Version : 6.00.2800.1106
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 11C (Heximal) 284 (Decimal)
Connection origin : local initiated
Protocol : TCP
Local Address :
Local Port : 1382
Remote Name :
Remote Address : 24.69.255.229
Remote Port : 8080 (HTTP-ALT - HTTP Alternate (see port 80))
Ethernet packet details:
Ethernet II (Packet Length: 62)
Destination: 00-00-77-94-7f-81
Source: 00-c0-26-c0-c7-61
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0x4cd5 (Correct)
Source:
Destination: 24.69.255.229
Transmission Control Protocol (TCP)
Source port: 1382
Destination port: 8080
Sequence number: 2032526928
Acknowledgment number: 0
Header length: 28
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
Checksum: 0xdfae (Correct)
Data (0 Bytes)
Binary dump of the packet:
0000: 00 00 77 94 7F 81 00 C0 : 26 C0 C7 61 08 00 45 00 | ..w.....&..a..E.
0010: 00 30 15 A8 40 00 80 06 : D5 4C 18 57 DF 51 18 45 | .0..@....L.W.Q.E
0020: FF E5 05 66 1F 90 79 25 : E6 50 00 00 00 00 70 02 | ...f..y%.P....p.
0030: 40 00 AE DF 00 00 02 04 : 05 B4 01 01 04 02 | @.............
|
|
|
|
|
07-08-2003, 06:29 PM
|
#4 (permalink)
|
|
Code Monkey
Join Date: Jul 2003
Posts: 88
|
#The new DLLs have been loaded:
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\MSCONV97.DL L
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\HTML32.CNV
To disable DLL Authentication go to the security tab under the Tools, Options menu.
File Version : 6.00.2800.1106
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 568 (Heximal) 1384 (Decimal)
Connection origin : local initiated
Protocol : TCP
Local Address :
Local Port : 1309
Remote Name :
Remote Address : 24.69.255.226
Remote Port : 8080 (HTTP-ALT - HTTP Alternate (see port 80))
Ethernet packet details:
Ethernet II (Packet Length: 62)
Destination: 00-00-77-94-7f-81
Source: 00-c0-26-c0-c7-61
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0x58d9 (Correct)
Source:
Destination: 24.69.255.226
Transmission Control Protocol (TCP)
Source port: 1309
Destination port: 8080
Sequence number: 4142312748
Acknowledgment number: 0
Header length: 28
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
Checksum: 0x8e6a (Correct)
Data (0 Bytes)
Binary dump of the packet:
0000: 00 00 77 94 7F 81 00 C0 : 26 C0 C7 61 08 00 45 00 | ..w.....&..a..E.
0010: 00 30 11 9F 40 00 80 06 : D9 58 18 57 DF 51 18 45 | .0..@....X.W.Q.E
0020: FF E2 05 1D 1F 90 F6 E6 : AD 2C 00 00 00 00 70 02 | .........,....p.
0030: 40 00 6A 8E 00 00 02 04 : 05 B4 01 01 04 02 | @.j...........
|
|
|
|
|
07-08-2003, 06:31 PM
|
#5 (permalink)
|
|
Code Monkey
Join Date: Jul 2003
Posts: 88
|
#The new DLLs have been loaded:
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\MSCONV97.DL L
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\HTML32.CNV
To disable DLL Authentication go to the security tab under the Tools, Options menu.
File Version : 6.00.2800.1106
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 568 (Heximal) 1384 (Decimal)
Connection origin : local initiated
Protocol : TCP
Local Address :
Local Port : 1517
Remote Name : members.cj.com
Remote Address : 216.34.209.9
Remote Port : 443 (HTTPS - HTTP protocol over TLS/SSL)
Ethernet packet details:
Ethernet II (Packet Length: 54)
Destination: 00-00-77-94-7f-81
Source: 00-c0-26-c0-c7-61
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0x632 (Correct)
Source:
Destination: 216.34.209.9
Transmission Control Protocol (TCP)
Source port: 1517
Destination port: 443
Sequence number: 371877802
Acknowledgment number: 1674270798
Header length: 20
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .1.. = Reset: Set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Checksum: 0x75cd (Correct)
Data (0 Bytes)
Binary dump of the packet:
0000: 00 00 77 94 7F 81 00 C0 : 26 C0 C7 61 08 00 45 00 | ..w.....&..a..E.
0010: 00 28 27 F5 40 00 80 06 : 32 06 18 57 DF 51 D8 22 | .('.@...2..W.Q."
0020: D1 09 05 ED 01 BB 16 2A : 67 AA 63 CB 58 4E 50 04 | .......*g.c.XNP.
0030: 00 00 CD 75 00 00 : | ...u..
|
|
|
|
|
07-08-2003, 06:31 PM
|
#6 (permalink)
|
|
Code Monkey
Join Date: Jul 2003
Posts: 88
|
#The new DLLs have been loaded:
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\MSCONV97.DL L
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\HTML32.CNV
To disable DLL Authentication go to the security tab under the Tools, Options menu.
File Version : 6.00.2800.1106
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 780 (Heximal) 1920 (Decimal)
Connection origin : local initiated
Protocol : TCP
Local Address :
Local Port : 2867
Remote Name :
Remote Address : 24.69.255.240
Remote Port : 8080 (HTTP-ALT - HTTP Alternate (see port 80))
Ethernet packet details:
Ethernet II (Packet Length: 54)
Destination: 00-00-77-94-7f-81
Source: 00-c0-26-c0-c7-61
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0xf930 (Correct)
Source:
Destination: 24.69.255.240
Transmission Control Protocol (TCP)
Source port: 2867
Destination port: 8080
Sequence number: 1655086941
Acknowledgment number: 2768858993
Header length: 20
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .1.. = Reset: Set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Checksum: 0xc05e (Correct)
Data (0 Bytes)
Binary dump of the packet:
0000: 00 00 77 94 7F 81 00 C0 : 26 C0 C7 61 08 00 45 00 | ..w.....&..a..E.
0010: 00 28 B9 F8 40 00 80 06 : 30 F9 18 57 DF 51 18 45 | .(..@...0..W.Q.E
0020: FF F0 0B 33 1F 90 62 A6 : 9F 5D A5 09 6F 71 50 04 | ...3..b..]..oqP.
0030: 00 00 5E C0 00 00 : | ..^...
|
|
|
|
|
07-08-2003, 06:32 PM
|
#7 (permalink)
|
|
Code Monkey
Join Date: Jul 2003
Posts: 88
|
#The new DLLs have been loaded:
C:\WINDOWS\SYSTEM32\strmdll.dll
C:\WINDOWS\SYSTEM32\drmclien.dll
C:\WINDOWS\SYSTEM32\msdmo.dll
To disable DLL Authentication go to the security tab under the Tools, Options menu.
File Version : 6.00.2800.1106
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 3D8 (Heximal) 984 (Decimal)
Connection origin : remote initiated
Protocol : TCP
Local Address :
Local Port : 1374 (MOLLY - EPI Software Systems)
Remote Name :
Remote Address : 24.69.255.240
Remote Port : 8080
Ethernet packet details:
Ethernet II (Packet Length: 60)
Destination: 00-c0-26-c0-c7-61
Source: 00-00-77-94-7f-81
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 60
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0x726d (Correct)
Source: 24.69.255.240
Destination:
Transmission Control Protocol (TCP)
Source port: 8080
Destination port: 1374
Sequence number: 25017951
Acknowledgment number: 114913128
Header length: 20
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...1 = Fin: Set
Checksum: 0xe944 (Correct)
Data (0 Bytes)
Binary dump of the packet:
0000: 00 C0 26 C0 C7 61 00 00 : 77 94 7F 81 08 00 45 00 | ..&..a..w.....E.
0010: 00 28 C1 7F 40 00 3C 06 : 6D 72 18 45 FF F0 18 57 | .(..@.<.mr.E...W
0020: DF 51 1F 90 05 5E 01 7D : BE 5F 06 D9 6F 68 50 11 | .Q...^.}._..ohP.
0030: FF FF 44 E9 00 00 00 00 : 00 00 00 00 | ..D.........
|
|
|
|
|
07-08-2003, 06:33 PM
|
#8 (permalink)
|
|
Code Monkey
Join Date: Jul 2003
Posts: 88
|
#The new DLLs have been loaded:
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\MSCONV97.DL L
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\HTML32.CNV
To disable DLL Authentication go to the security tab under the Tools, Options menu.
File Version : 6.00.2800.1106
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 5E4 (Heximal) 1508 (Decimal)
Connection origin : remote initiated
Protocol : TCP
Local Address :
Local Port : 1819 (PLATO-LM - Plato License Manager)
Remote Name :
Remote Address : 24.69.255.234
Remote Port : 8080
Ethernet packet details:
Ethernet II (Packet Length: 60)
Destination: 00-c0-26-c0-c7-61
Source: 00-00-77-94-7f-81
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 60
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0xc99d (Correct)
Source: 24.69.255.234
Destination:
Transmission Control Protocol (TCP)
Source port: 8080
Destination port: 1819
Sequence number: 1021098215
Acknowledgment number: 1741245134
Header length: 20
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .1.. = Reset: Set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Checksum: 0xf1d0 (Correct)
Data (0 Bytes)
Binary dump of the packet:
0000: 00 C0 26 C0 C7 61 00 00 : 77 94 7F 81 08 00 45 00 | ..&..a..w.....E.
0010: 00 28 91 2E 40 00 3C 06 : 9D C9 18 45 FF EA 18 57 | .(..@.<....E...W
0020: DF 51 1F 90 07 1B 3C DC : B8 E7 67 C9 4A CE 50 14 | .Q....<...g.J.P.
0030: FF FF D0 F1 00 00 00 00 : 00 00 00 00 | ............
|
|
|
|
|
07-08-2003, 06:34 PM
|
#9 (permalink)
|
|
Code Monkey
Join Date: Jul 2003
Posts: 88
|
#The new DLLs have been loaded:
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\MSCONV97.DL L
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\HTML32.CNV
To disable DLL Authentication go to the security tab under the Tools, Options menu.
File Version : 6.00.2800.1106
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 5F4 (Heximal) 1524 (Decimal)
Connection origin : local initiated
Protocol : TCP
Local Address :
Local Port : 2780
Remote Name : a248.e.akamai.net
Remote Address : 80.67.66.41
Remote Port : 443 (HTTPS - HTTP protocol over TLS/SSL)
Ethernet packet details:
Ethernet II (Packet Length: 62)
Destination: 00-00-77-94-7f-81
Source: 00-c0-26-c0-c7-61
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0x89db (Correct)
Source:
Destination: 80.67.66.41
Transmission Control Protocol (TCP)
Source port: 2780
Destination port: 443
Sequence number: 208448460
Acknowledgment number: 0
Header length: 28
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
Checksum: 0x3af4 (Correct)
Data (0 Bytes)
Binary dump of the packet:
0000: 00 00 77 94 7F 81 00 C0 : 26 C0 C7 61 08 00 45 00 | ..w.....&..a..E.
0010: 00 30 95 29 40 00 80 06 : DB 89 18 57 DF 51 50 43 | .0.)@......W.QPC
0020: 42 29 0A DC 01 BB 0C 6C : AB CC 00 00 00 00 70 02 | B).....l......p.
0030: 40 00 F4 3A 00 00 02 04 : 05 B4 01 01 04 02 | @..:..........
|
|
|
|
|
07-08-2003, 06:45 PM
|
#10 (permalink)
|
|
Code Monkey
Join Date: Jul 2003
Posts: 88
|
#The new DLLs have been loaded:
C:\WINDOWS\SYSTEM32\t2embed.dll
To disable DLL Authentication go to the security tab under the Tools, Options menu.
File Version : 6.00.2800.1106
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 7C0 (Heximal) 1984 (Decimal)
Connection origin : remote initiated
Protocol : TCP
Local Address :
Local Port : 4629
Remote Name : proxy.vc.shawcable.net
Remote Address : 24.69.255.200
Remote Port : 8080
Ethernet packet details:
Ethernet II (Packet Length: 60)
Destination: 00-c0-26-c0-c7-61
Source: 00-00-77-94-7f-81
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 60
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0xc2fc (Correct)
Source: 24.69.255.200
Destination:
Transmission Control Protocol (TCP)
Source port: 8080
Destination port: 4629
Sequence number: 2275765470
Acknowledgment number: 3206813340
Header length: 20
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...1 = Fin: Set
Checksum: 0x33a4 (Correct)
Data (0 Bytes)
Binary dump of the packet:
0000: 00 C0 26 C0 C7 61 00 00 : 77 94 7F 81 08 00 45 00 | ..&..a..w.....E.
0010: 00 28 32 57 40 00 3C 06 : FC C2 18 45 FF C8 18 57 | .(2W@.<....E...W
0020: DF 51 1F 90 12 15 87 A5 : 6C DE BF 24 16 9C 50 11 | .Q......l..$..P.
0030: FF FF A4 33 00 00 00 00 : 00 00 00 00 | ...3........
|
|
|
|
|
07-08-2003, 06:45 PM
|
#11 (permalink)
|
|
Code Monkey
Join Date: Jul 2003
Posts: 88
|
#The new DLLs have been loaded:
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\MSCONV97.DL L
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\HTML32.CNV
To disable DLL Authentication go to the security tab under the Tools, Options menu.
File Version : 6.00.2800.1106
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 438 (Heximal) 1080 (Decimal)
Connection origin : local initiated
Protocol : TCP
Local Address :
Local Port : 1592
Remote Name :
Remote Address : 24.69.255.238
Remote Port : 8080 (HTTP-ALT - HTTP Alternate (see port 80))
Ethernet packet details:
Ethernet II (Packet Length: 54)
Destination: 00-00-77-94-7f-81
Source: 00-c0-26-c0-c7-61
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0xd9c1 (Correct)
Source:
Destination: 24.69.255.238
Transmission Control Protocol (TCP)
Source port: 1592
Destination port: 8080
Sequence number: 781520122
Acknowledgment number: 47435493
Header length: 20
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...1 = Fin: Set
Checksum: 0xd32d (Correct)
Data (0 Bytes)
Binary dump of the packet:
0000: 00 00 77 94 7F 81 00 C0 : 26 C0 C7 61 08 00 45 00 | ..w.....&..a..E.
0010: 00 28 29 1A 40 00 80 06 : C1 D9 18 57 DF 51 18 45 | .().@......W.Q.E
0020: FF EE 06 38 1F 90 2E 95 : 0C FA 02 D3 CE E5 50 11 | ...8..........P.
0030: 3F 14 2D D3 00 00 : | ?.-...
|
|
|
|
|
07-08-2003, 06:46 PM
|
#12 (permalink)
|
|
Code Monkey
Join Date: Jul 2003
Posts: 88
|
#The new DLLs have been loaded:
C:\WINDOWS\SYSTEM32\drmclien.dll
To disable DLL Authentication go to the security tab under the Tools, Options menu.
File Version : 6.00.2800.1106
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 4E4 (Heximal) 1252 (Decimal)
Connection origin : remote initiated
Protocol : TCP
Local Address :
Local Port : 2525 (MS-V-WORLDS - MS V-Worlds)
Remote Name :
Remote Address : 24.69.255.209
Remote Port : 8080
Ethernet packet details:
Ethernet II (Packet Length: 60)
Destination: 00-c0-26-c0-c7-61
Source: 00-00-77-94-7f-81
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 60
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0xa65d (Correct)
Source: 24.69.255.209
Destination:
Transmission Control Protocol (TCP)
Source port: 8080
Destination port: 2525
Sequence number: 1609526276
Acknowledgment number: 3416734075
Header length: 20
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...1 = Fin: Set
Checksum: 0x90a5 (Correct)
Data (0 Bytes)
Binary dump of the packet:
0000: 00 C0 26 C0 C7 61 00 00 : 77 94 7F 81 08 00 45 00 | ..&..a..w.....E.
0010: 00 28 D1 6A 40 00 3C 06 : 5D A6 18 45 FF D1 18 57 | .(.j@.<.]..E...W
0020: DF 51 1F 90 09 DD 5F EF : 6C 04 CB A7 39 7B 50 11 | .Q...._.l...9{P.
0030: FF FF A5 90 00 00 00 00 : 00 00 00 00 | ............
|
|
|
|
|
07-08-2003, 06:49 PM
|
#13 (permalink)
|
|
Code Monkey
Join Date: Jul 2003
Posts: 88
|
#The new DLLs have been loaded:
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\MSCONV97.DL L
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\HTML32.CNV
To disable DLL Authentication go to the security tab under the Tools, Options menu.
File Version : 6.00.2800.1106
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 768 (Heximal) 1896 (Decimal)
Connection origin : local initiated
Protocol : TCP
Local Address :
Local Port : 2871
Remote Name : a248.e.akamai.net
Remote Address : 209.247.88.181
Remote Port : 443 (HTTPS - HTTP protocol over TLS/SSL)
Ethernet packet details:
Ethernet II (Packet Length: 54)
Destination: 00-00-77-94-7f-81
Source: 00-c0-26-c0-c7-61
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0x1d25 (Correct)
Source:
Destination: 209.247.88.181
Transmission Control Protocol (TCP)
Source port: 2871
Destination port: 443
Sequence number: 3956131488
Acknowledgment number: 2175392340
Header length: 20
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .1.. = Reset: Set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Checksum: 0x2c72 (Correct)
Data (0 Bytes)
Binary dump of the packet:
0000: 00 00 77 94 7F 81 00 C0 : 26 C0 C7 61 08 00 45 00 | ..w.....&..a..E.
0010: 00 28 B3 5D 40 00 80 06 : 25 1D 18 57 DF 51 D1 F7 | .(.]@...%..W.Q..
0020: 58 B5 0B 37 01 BB EB CD : C6 A0 81 A9 DA 54 50 04 | X..7.........TP.
0030: 00 00 72 2C 00 00 : | ..r,..
|
|
|
|
|
07-08-2003, 06:49 PM
|
#14 (permalink)
|
|
Code Monkey
Join Date: Jul 2003
Posts: 88
|
#The new DLLs have been loaded:
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\MSCONV97.DL L
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\HTML32.CNV
C:\DOCUME~1\BC_Save\LOCALS~1\Temp\jsproxy.wmp
C:\WINDOWS\SYSTEM32\strmdll.dll
C:\WINDOWS\SYSTEM32\drmclien.dll
To disable DLL Authentication go to the security tab under the Tools, Options menu.
File Version : 6.00.2800.1106
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 6B4 (Heximal) 1716 (Decimal)
Connection origin : local initiated
Protocol : TCP
Local Address :
Local Port : 3098
Remote Name : proxy.vc.shawcable.net
Remote Address : 24.69.255.200
Remote Port : 80 (HTTP - World Wide Web)
Ethernet packet details:
Ethernet II (Packet Length: 169)
Destination: 00-00-77-94-7f-81
Source: 00-c0-26-c0-c7-61
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0x832a (Correct)
Source:
Destination: 24.69.255.200
Transmission Control Protocol (TCP)
Source port: 3098
Destination port: 80
Sequence number: 4256591356
Acknowledgment number: 2576324455
Header length: 20
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Checksum: 0xf5cb (Correct)
Data (115 Bytes)
Binary dump of the packet:
0000: 00 00 77 94 7F 81 00 C0 : 26 C0 C7 61 08 00 45 00 | ..w.....&..a..E.
0010: 00 9B C0 23 40 00 80 06 : 2A 83 18 57 DF 51 18 45 | ...#@...*..W.Q.E
0020: FF C8 0C 1A 00 50 FD B6 : 6D FC 99 8F 97 67 50 18 | .....P..m....gP.
0030: 44 70 CB F5 00 00 47 45 : 54 20 2F 77 70 61 64 2E | Dp....GET /wpad.
0040: 64 61 74 20 48 54 54 50 : 2F 31 2E 31 0D 0A 41 63 | dat HTTP/1.1..Ac
0050: 63 65 70 74 3A 20 2A 2F : 2A 0D 0A 55 73 65 72 2D | cept: */*..User-
0060: 41 67 65 6E 74 3A 20 4D : 6F 7A 69 6C 6C 61 2F 34 | Agent: Mozilla/4
0070: 2E 30 20 28 63 6F 6D 70 : 61 74 69 62 6C 65 3B 20 | .0 (compatible;
0080: 4D 53 49 45 20 36 2E 30 : 3B 20 57 69 6E 33 32 29 | MSIE 6.0; Win32)
0090: 0D 0A 48 6F 73 74 3A 20 : 32 34 2E 36 39 2E 32 35 | ..Host: 24.69.25
00A0: 35 2E 32 30 30 0D 0A 0D : 0A | 5.200....
|
|
|
|
|
07-08-2003, 06:51 PM
|
#15 (permalink)
|
|
Code Monkey
Join Date: Jul 2003
Posts: 88
|
#The new DLLs have been loaded:
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\MSCONV97.DL L
C:\PROGRA~1\COMMON~1\MICROS~1\TEXTCONV\HTML32.CNV
To disable DLL Authentication go to the security tab under the Tools, Options menu.
File Version : 6.00.2800.1106
File Description : Internet Explorer
File Path : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Process ID : 700 (Heximal) 1792 (Decimal)
Connection origin : local initiated
Protocol : TCP
Local Address :
Local Port : 3904
Remote Name :
Remote Address : 24.69.255.240
Remote Port : 8080 (HTTP-ALT - HTTP Alternate (see port 80))
Ethernet packet details:
Ethernet II (Packet Length: 54)
Destination: 00-00-77-94-7f-81
Source: 00-c0-26-c0-c7-61
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0xd0f6 (Correct)
Source:
Destination: 24.69.255.240
Transmission Control Protocol (TCP)
Source port: 3904
Destination port: 8080
Sequence number: 698182582
Acknowledgment number: 914496993
Header length: 20
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .1.. = Reset: Set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Checksum: 0x7b87 (Correct)
Data (0 Bytes)
Binary dump of the packet:
0000: 00 00 77 94 7F 81 00 C0 : 26 C0 C7 61 08 00 45 00 | ..w.....&..a..E.
0010: 00 28 F4 20 40 00 80 06 : F6 D0 18 57 DF 51 18 45 | .(. @......W.Q.E
0020: FF F0 0F 40 1F 90 29 9D : 6B B6 36 82 1D E1 50 04 | ...@..).k.6...P.
0030: 00 00 87 7B 00 00 : | ...{..
|
|
|
|
| Thread Tools |
|
|
| Display Modes |
 Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -8. The time now is 08:26 PM.
|
Copyright © 2000-2008, Milano Interactive
Web Hosting provided by Portal 360 Web Hosting
|
|
|
