I recently signed up for a public DNS service called OpenDNS. It lets me
see the DNS requests coming from my network.
I notice that every day, my 'network' (1 PC, 1 HDTV, 2 printers) is
making thousands of attempts to contact logmein.com. Also a large number
of requests for patch.everquest.com, which I understand is needed to
play Everquest.
At first I thought "I'm hacked" but Malwarebytes and Norton Power Eraser
say I'm clean. I recognize every item in my HiJackThis log and they're
all valid.
Then I thought "My wireless network is hacked" but I have a completely
random (maximum entropy)24-character password behind WPA2/AES
encryption. Anyway, I changed my network password, and the requests for
logmein and patch.everquest are still coming.
OpenDNS lets me block access to these servers (i.e., it won't return an
IP address) and I've been doing that for days. And yet I get no error
messages and everything on my PC seems to be working fine.
So now I'm thinking: maybe this is all legitimate, albeit puzzling.
Perhaps something installed on my PC is legitimately contacting these
servers? Maybe it's Firefox just doing its thing? Or maybe the maker of
my video card (Sapphire) once had a tie-in with Everquest and never
removed all the code from its bundled software?
So, after all this, my question: Has anyone else experienced this, and
is it expected behavior, that I just have to live with?
Daddy
--- Original Message ---
Everquest may be using the logmein service, see: https://secure.logmein.com/
That would make sense as far as I can tell.
--
*Jay Garcia - Netscape Champion*
www.ufaq.org
Netscape - Firefox - SeaMonkey - Thunderbird
Thanks for your help. I did find out that it's possible to play
Everquest by using LogMeIn to login to a server on which Everquest is
installed. But for reasons described above, it's pretty much impossible
for a third party to be using my LAN to login to Everquest.
It's been several days since I blocked access to logmein and Everquest,
and I changed my network password, but those domains are still being
requested hundreds of times a day. Which leads me to suspect that it's
my own computer that's making those requests...
Daddy
--- Original Message ---
In your Windows command line, type netstat and you may be able to find
the source.
I'm also aware that the internet is filled with 'chatter' that has
nothing to do with my own computer or my own LAN. Maybe my cable
internet company is routing these DNS requests through me and others on
its network? Simply load balancing, perhaps?
Daddy