wireplay Posted October 25, 2005 Report Share Posted October 25, 2005 Yes, it sounds wierd, but it's really happening.AVG popped up a box saying it was trying to virus check an outgoing email being sent to 196-47-6-168.access.uunet.co.za.I looked at the AVG log, and it said the email came from process 2504, which was uTorrent.Does anyone have any idea what is going on?Here's the log snippet:25.10.2005 11:08:01 [150] AutoPOP3(10110): Connection from process 250425.10.2005 11:08:01 [150] AutoPOP3(10110): Connection from 127.0.0.1:427325.10.2005 11:08:01 [cd8] AutoPOP3(10110): Client connected25.10.2005 11:11:03 [cd8] AutoPOP3(10110): Cannot connect to 196-47-6-168.access.uunet.co.za:11025.10.2005 11:11:03 [cd8] AutoPOP3(10110): Connect: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. (10060)25.10.2005 11:11:03 [cd8] AutoPOP3(10110): Client disconnected Link to comment Share on other sites More sharing options...
Huck Posted October 25, 2005 Report Share Posted October 25, 2005 Perhaps someone just uses 110 port for bt client. Link to comment Share on other sites More sharing options...
Fillado Posted October 25, 2005 Report Share Posted October 25, 2005 Yeah, quite often people use ports such as those used for sending emails to get around blocks imposed on their ports (such as if they're at work). Nothing to worry about Link to comment Share on other sites More sharing options...
MrTufty Posted October 25, 2005 Report Share Posted October 25, 2005 Looks like that to me too. Link to comment Share on other sites More sharing options...
chaosblade Posted October 25, 2005 Report Share Posted October 25, 2005 No 3rd party program should ever allow use of the first 1056 ports, As they are reserved for dedicated protocols and services. Link to comment Share on other sites More sharing options...
sethg Posted October 25, 2005 Report Share Posted October 25, 2005 I think there are a few well-known ports above 1023 that should be avoided as well. Another reason ports 0-1023 are traditionally reserved is because you need to have root privileges to access them under Unix. Link to comment Share on other sites More sharing options...
foxtail Posted October 28, 2005 Report Share Posted October 28, 2005 by the way, domain .co.za is south africa, not zaire (country that used to be zaire is now democratic republic of the congo and the TLD is .cd ) Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.