Help...Should I be concerned about my Firewall Logs


Postby LibertyorDeath » Sun Jan 29, 2006 4:11 am

Been far too long since I logged into RI
So hello to any who remember me.
Hey dbeach how the hell are ya?

I have a concern. I decided to check my Firewall logs and this is some of what I found.

Search results for: 33.62.136.174:0

OrgName: DoD Network Information Center
OrgID: DNIC
Address: 3990 E. Broad Street
City: Columbus
StateProv: OH
PostalCode: 43218
Country: US

NetRange: 33.0.0.0 - 33.255.255.255
CIDR: 33.0.0.0/8
NetName: DCMC-1
NetHandle: NET-33-0-0-0-1
Parent:
NetType: Direct Allocation
NameServer: CON1R.NIPR.MIL
NameServer: AAA-KELLY.NIPR.MIL
NameServer: AAA-VAIHINGEN.NIPR.MIL
NameServer: AAA-WHEELER.NIPR.MIL
Comment: DOD Network Information Center
Comment: 7990 Science Applications Court
Comment: Vienna, VA 22183-7000 US
RegDate:
Updated: 2006-01-27

RTechHandle: ZD41-ARIN
RTechName: DOD Network Information Center
RTechPhone: +1-800-365-3642
RTechEmail: HOSTMASTER@nic.mil

OrgTechHandle: MIL-HSTMST-ARIN
OrgTechName: Network DoD
OrgTechPhone: +1-800-365-3642
OrgTechEmail: HOSTMASTER@nic.mil

# ARIN WHOIS database, last updated 2006-01-28 19:10

I googled NCTC; as far as I can tell it's the National Counterterrorism Center.

Search results for: 138.165.14.33:0

OrgName: NCTC
OrgID: NCTC-1
Address: 130 West Avenue Suite D
City: Pensacola
StateProv: FL
PostalCode: 32508-5111
Country: US

NetRange: 138.165.0.0 - 138.165.255.255
CIDR: 138.165.0.0/16
NetName: REGION-CS1
NetHandle: NET-138-165-0-0-1
Parent: NET-138-0-0-0-0
NetType: Direct Assignment
Comment:
RegDate: 1990-05-07
Updated: 2001-02-15

RTechHandle: SCG-ARIN
RTechName: Greunke, Steve
RTechPhone: +1-850-452-7560
RTechEmail: GREUNKES@spawar.navy.mil

OrgTechHandle: RS2224-ARIN
OrgTechName: Smith, Richard
OrgTechPhone: +1-850-452-7570
OrgTechEmail: RSMITH@ncts.navy.mil

# ARIN WHOIS database, last updated 2006-01-28 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

Search results for: 164.158.20.80:0

OrgName: Naval Surface Warfare Center
OrgID: NSWC-7
Address: Port Hueneme Division Louisville
Address: Detachment 160 Rochester Drive
City: Louisville
StateProv: KY
PostalCode: 40214-5000
Country: US

NetRange: 164.158.0.0 - 164.158.255.255
CIDR: 164.158.0.0/16
NetName: NOSL-SEA06
NetHandle: NET-164-158-0-0-1
Parent: NET-164-0-0-0-0
NetType: Direct Assignment
NameServer: HERMES.NSWCL.NAVY.MIL
NameServer: MERCURY.NSWCL.NAVY.MIL
Comment:
RegDate: 1993-03-19
Updated: 1999-02-03

RTechHandle: GL47-ARIN
RTechName: Levay, Glenn
RTechPhone: +1-502-364-5560
RTechEmail: LevayGH@nswcl.navy.mil

Search results for: 25.0.121.104:29897

OrgName: DINSA, Ministry of Defence
OrgID: DMD-16
Address: HQ DCSA, Copenacre, c/o Basil Hill Barracks,
City: Corsham
StateProv: Wiltshire
PostalCode: SN13 9NR
Country: GB

NetRange: 25.0.0.0 - 25.255.255.255
CIDR: 25.0.0.0/8
NetName: RSRE-EXP
NetHandle: NET-25-0-0-0-1
Parent:
NetType: Direct Assignment
NameServer: NS1.CS.UCL.AC.UK
NameServer: RELAY.MOD.UK
Comment:
RegDate: 1985-01-28
Updated: 2005-09-06

OrgTechHandle: MNE30-ARIN
OrgTechName: Newton, Mathew
OrgTechPhone: +44 1225 813191
OrgTechEmail: mathew.newton643@mod.uk

# ARIN WHOIS database, last updated 2006-01-28 19:10

Search results for: 136.219.38.1

OrgName: HQ, 5th Signal Command
OrgID: H5SC
Address: DCSOPS DNCC
Address: ASE-OP-OF
City: APO
StateProv: AE
PostalCode: 09056
Country: US

NetRange: 136.219.0.0 - 136.219.255.255
CIDR: 136.219.0.0/16
NetName: USAREUR4
NetHandle: NET-136-219-0-0-1
Parent: NET-136-0-0-0-0
NetType: Direct Assignment
NameServer: NS01.ARMY.MIL
NameServer: NS02.ARMY.MIL
NameServer: NS03.ARMY.MIL
Comment:
RegDate: 1991-06-19
Updated: 2005-07-06

RTechHandle: BS291-ARIN
RTechName: Schork, Brigitte
RTechPhone: +1-621-730-4031
RTechEmail: BRIGS@hq.5sigcmd.army.mil

OrgTechHandle: BS291-ARIN
OrgTechName: Schork, Brigitte
OrgTechPhone: +1-621-730-4031
OrgTechEmail: BRIGS@hq.5sigcmd.army.mil

# ARIN WHOIS database, last updated 2006-01-27 19:10

Search results for: 11.15.140.139:0

OrgName: DoD Network Information Center
OrgID: DNIC
Address: 3990 E. Broad Street
City: Columbus
StateProv: OH
PostalCode: 43218
Country: US

NetRange: 11.0.0.0 - 11.255.255.255
CIDR: 11.0.0.0/8
NetName: DODIIS
NetHandle: NET-11-0-0-0-1
Parent:
NetType: Direct Allocation
Comment: DoD Intel Information Systems
Comment: Defense Intelligence Agency
Comment: Washington, DC 20301 US
RegDate: 1984-01-19
Updated: 1998-09-26

RTechHandle: MIL-HSTMST-ARIN
RTechName: Network DoD
RTechPhone: +1-800-365-3642
RTechEmail: HOSTMASTER@nic.mil

OrgTechHandle: MIL-HSTMST-ARIN
OrgTechName: Network DoD
OrgTechPhone: +1-800-365-3642
OrgTechEmail: HOSTMASTER@nic.mil

# ARIN WHOIS database, last updated 2006-01-28 19:10

I realize infected comp's at all these places can scan my ports but what are the odds
some are showing up multiple times

the NCTC one is creeping me out.

Thanks for your input.

FYI I'm an ordinary everyday person who is left of center and hangs at progressive sites.

I marched 2 times against the Iraq invasion.
LibertyorDeath
 
Posts: 83
Joined: Wed Jul 13, 2005 7:12 am

Re: Help...Should I be concerned about my Firewall Logs

Postby StarmanSkye » Sun Jan 29, 2006 6:36 am

Heyia LibertyorDeath;

Sounds like some people have WAAAY too much time on their hands -- and IF the public treasury is being tapped to pay for tens, hundreds of thousands of web and firewall searches on nothing but 'fishing' expeditions -- then massive abuse of power and a gross crime is being committed by a corrupt, illegitimate gummint bureaucracy whose paranoid psychosis is a sure sign that its collapse from internal decay is only a matter of time.

The following comment posted on Tom Tomorrow's blog is an intriguing suggestion, something all Truth and Justice seekers can do as a subtle protest against 4th Amendment violations by fawning dupes of imperialism and bootlicking stooges of tyranny.

Whatever you do, don't let yourself be intimidated by the fascist goons and anti-democracy thugs -- they're on the wrong side of the long struggle for human decency, peace and freedom. Stand tall.

Starman
******
http://thismodernworld.com/2628
Bob Harris:
My Google search records now quote the Bill Of Rights

I'm at least as thrilled as you are that Team Chimpy now wants to see everything we've ever searched for online. Maybe there's a way we can have a bit of fun while protesting at the same time.

Since I'm constantly researching stuff I'm writing about, I've had Google set as the default page in my browser for years now. (And since I used to write for "CSI," I don't even want to think about how many horrific ways to, say, mutilate a body are somewhere in my search records. I'm pretty sure "how to boil a skull" is in there somewhere. Seriously. And to answer your next question, I was eventually advised by a guy at the FBI that adding a dash of Biz to the water is a big help. Yes, that specific brand. No, he didn't know why.)

So that will all be superfun if Team Chimpy gets their next spying wish.

But today, I entered the complete text of the Fourth Amendment –

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

– into the Google search window, generating this resulting URL.

And I have set this page in my browser's preferences as my new default window.

So I still have a Google search page every time I open a window. But now I'm also adding a fun little protest directly into the data. This is oddly satisfying, every time.

Just thought maybe others might want to do the same.

UPDATE: You want creepy? Emailer Craig points out that the Microsoft search engine simply doesn't recognize the Fourth Amendment at all.

We couldn't find any results containing Amendment IV The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized..

No wonder they won't fight the Chimp.

UPDATE part deux: Two different emailers have now written in to share the exact chemistry of why Biz is singularly good at getting tissue off bone, leaving your old skulls fresh-smelling and whiter than white. The Great Collective Mind is truly amazing. I cannot believe that Biz has wasted the chance for perhaps the greatest marketing campaign in history.

Just a shame no one can write in with a simple way to stop humankind from generating quite so many skulls in the first place.

posted by Bob Harris at 4:20 AM
StarmanSkye
 
Posts: 2670
Joined: Thu Nov 03, 2005 11:32 pm
Location: State of Jefferson

Re: Help...Should I be concerned about my Firewall Logs

Postby havanagila » Sun Jan 29, 2006 1:50 pm

my paranoia - those huge "echelon/promis" systems are loose. they are profiling the "unhappy liberal genes" for the next ideologically selective virus pandemic.
it's the DNA banks I am worried about...(nutty fears this afternoon...).
havanagila
 
Posts: 111
Joined: Sun Jan 22, 2006 2:04 pm

Re: Help...Should I be concerned about my Firewall Logs

Postby Dreams End » Sun Jan 29, 2006 3:28 pm

Does your firewall say what these folks were doing? Just probing/portscan? Some kind of attack? Usually it gives some info like that. I'm not an expert at all, but it would be helpful info.
Dreams End
 

Re: Help...Should I be concerned about my Firewall Logs

Postby chiggerbit » Sun Jan 29, 2006 4:10 pm

Are you on the no-fly list? I wonder how many people here are.
chiggerbit
 
Posts: 8594
Joined: Tue May 10, 2005 12:23 pm

Re: Help...Should I be concerned about my Firewall Logs

Postby LibertyorDeath » Sun Jan 29, 2006 4:14 pm

Hi, thanks for the reply,

I run Zone Alarm & according to my logs these agencies have been scanning my ports.
Some on multiple occasions.
Some are High rated.

I'm not sure what to make of it. I know infected machines at these places could scan me, but what are the odds that all these places have infected machines?
Why don't they just contact my IP provider if they want to know where I surf?

I can only assume they want into my machine.
LibertyorDeath
 
Posts: 83
Joined: Wed Jul 13, 2005 7:12 am

Re: Help...Should I be concerned about my Firewall Logs

Postby LibertyorDeath » Sun Jan 29, 2006 5:05 pm

I'm in Canada near Vancouver
Just a regular everyday leftwing Joe
I spend a lot of time at Democratic Underground & other left of center sites.
I lurk here and have never in any way shape or form advocated anything violent or radical.
So I have no idea why this crap is showing up in my logs.
I find it hard to believe any of these organizations would be interested in me.
If they are then the "Left" in North America is in way deeper shit than I thought.
LibertyorDeath
 
Posts: 83
Joined: Wed Jul 13, 2005 7:12 am

Here's an example of the kind of things I read on the net

Postby LibertyorDeath » Sun Jan 29, 2006 5:24 pm

Polls Show Many Americans are Simply Dumber Than Bush

By Paul Craig Roberts

01/29/06 "ICH" -- -- Two recent polls, a Los Angeles Times/Bloomberg poll and a New York Times/CBS News poll, indicate why Bush is getting away with impeachable offenses. Half of the US population is incapable of acquiring, processing and understanding information.

Much of the problem is the media itself, which serves as a disinformation agency for the Bush administration. Fox "News" and right-wing talk radio are the worst, but with propagandistic outlets setting the standard for truth and patriotism, all of the media is affected to some degree.

Despite the media's failure, about half the population has managed to discern that the US invasion of Iraq has not made them safer and that the Bush administration's assault on civil liberties is not a necessary component of the war on terror. The problem, thus, lies with the absence of due diligence on the part of the other half of the population.

Consider the New York Times/CBS poll. Sixty-four percent of the respondents have concerns about losing civil liberties as a result of anti-terrorism measures put in place by President Bush. Yet, 53 percent approve of spying without obtaining court warrants "in order to reduce the threat of terrorism."

Why does any American think that spying without a warrant has any more effect in reducing the threat of terrorism than spying with a warrant? The Foreign Intelligence Surveillance Act, which Bush is disobeying, requires the executive to obtain from a secret panel of federal judges a warrant for spying on Americans. The purpose of the law is to prevent a president from spying for partisan political reasons. The law permits the president to spy first (for 72 hours) and then come to the court for permission. As the court meets in secret, spying without a warrant is no more effective in reducing the threat of terrorism than spying with a warrant.

Instead of explaining this basic truth, the media has played along with the Bush administration and formulated the question as a trade-off between civil liberties and protection from terrorists. This formulation is false and nonsensical. Why does the media enable the Bush administration to escape accountability for illegal behavior by putting false and misleading choices before the people?

The LA Times/Bloomberg poll has equally striking anomalies. Only 43 percent said they approved of Bush's performance as president. But a majority believe Bush's policies have made the US more secure.

It is extraordinary that anyone would think Americans are safer as a result of Bush invading two Muslim countries and constantly threatening two more with military attack. The invasions and threats have caused a dramatic swing in Muslim sentiment away from the US. Prior to Bush's invasion of Iraq, a large majority of Muslims had a favorable opinion of America. Now only about 5 percent do.

A number of US commanders in Iraq and many Middle East experts have told the American public that the three year-old war in Iraq is serving both to recruit and to train terrorists for al Qaeda, which has grown many times its former size. Moreover, the US military has concluded that al Qaeda has succeeded in having its members elected to the new Iraqi government.

We have seen similar developments both in Egypt and in Pakistan. In the recent Egyptian elections, the radical Muslim Brotherhood, despite being suppressed by the Egyptian government, won a large number of seats. In Pakistan elements friendly or neutral toward al Qaeda control about half of the government. In Iraq, Bush's invasion has replaced secular Sunnis with Islamist Shia allied with Iran.

And now with the triumph of Hamas in the Palestinian election, we see the total failure of Bush's Middle Eastern policy. Bush has succeeded in displacing secular moderates from Middle Eastern governments and replacing them with Islamic extremists. It boggles the mind that this disastrous result makes Americans feel safer!

What does it say for democracy that half of the American population is unable to draw a rational conclusion from unambiguous facts?

Americans share this disability with the Bush administration. According to news reports, the Bush administration is stunned by the election victory of the radical Islamist Hamas Party, which swept the US-financed Fatah Party from office. Why is the Bush administration astonished?

The Bush administration is astonished because it stupidly believes that hundreds of millions of Muslims should be grateful that the US has interfered in their internal affairs for 60 years, setting up colonies and puppet rulers to suppress their aspirations and to achieve, instead, purposes of the US government.

Americans need desperately to understand that 95 percent of all Muslim terrorists in the world were created in the past three years by Bush's invasion of Iraq.

Americans need desperately to comprehend that if Bush attacks Iran and Syria, as he intends, terrorism will explode, and American civil liberties will disappear into a thirty year war that will bankrupt the United States.

The total lack of rationality and competence in the White House and the inability of half of the US population to acquire and understand information are far larger threats to Americans than terrorism.

America has become a rogue nation, flying blind, guided only by ignorance and hubris. A terrible catastrophe awaits.

Paul Craig Roberts was Assistant Secretary of the Treasury in the Reagan administration. He was Associate Editor of the Wall Street Journal editorial page and Contributing Editor of National Review. He is coauthor of The Tyranny of Good Intentions. He can be reached at: paulcraigroberts@yahoo.com

Edited by: LibertyorDeath at: 1/29/06 2:27 pm
LibertyorDeath
 
Posts: 83
Joined: Wed Jul 13, 2005 7:12 am

Re: Help...Should I be concerned about my Firewall Logs

Postby * » Sun Jan 29, 2006 6:14 pm

I am the last person to be giving computer advice but:

More suspicious activity by ZoneAlarm (http://www.a1-electronics.net/General_Interest/2005/Security_Nov.shtml)

Quote:

Internet, Web, E-mail security update.

Regular readers will know that we take Internet, web and e-mail security seriously and have always used ZoneAlarm, Norton Anti-virus and AdSubtract. This way in the past we have been able to stop our computers from being attacked and infected. BUT.

Things change.

The other day we were going over one of our computers and found in the Windows Internet Logs folder a file that we had never seen before and was growing at an alarming rate. We used all our skills and knowledge to delete it and stop it from working. We eventually tracked this growing file down to belonging to ZoneAlarm. If you use ZoneAlarm then look at the 'IAMDB.RDB' and there is even a back up for it there as well. Wonderful we say.

After browsing the web to see if anybody else knew anything about this file we found this:

"It seems that ZA comes with two spy dlls that according to their manufacturer "utilizes its patented metering methodology to measure actual Internet and digital media audience user behaviour in real-time - click-by-click, page-by-page, second-by-second."

I found these two:

C:\WINDOWS\SYSTEM\VSMONAPI.DLL
C:\WINDOWS\SYSTEM\VSUTIL.DLL

Had been left on my system after uninstalling ZA. It seems that your system configuration and maybe the activity is logged to the file Iamdb.rbd, then transmitted. This discussion also implicates Steve Gibson of Grc/ShieldsUp/Opout in this as well."

These were new to us but we knew that some program or other was continually accessing the web while our computers were on but as ZoneAlarm did not say it was anything suspicious and we just assumed it was one of our security programs checking for a new version or whatever we did not worry much, as one would.

But it did annoy us that it seemed to be going on continually and should not. Thus we started searching to find out what was happening and why which is why we found the IAMDB.RDB file and that it was growing at an alarming rate. There always was a ZoneAlarm file in the past that grew but that was easy to replace every-so-often with a blank file. But not this.

Bear in mind that we use the paid for Pro version and not the free version that one might expect some checking which would be reasonable, but not if you have been a loyal paying customer for years.

Thus we have e-mailed ZoneAlarm twice now and eventually got an automated reply back saying they will get in touch with us in a couple of days. We have told them in no uncertain words that we will publish our findings as this policy of ZoneAlarm spying on people's computers is totally unacceptable.

We have now tried using another firewall software called Sygate Personal Firewall which is free. There is a paid for version but as you can appreciate at first we are trying the free version to see what we think of it and to see if it works.

Well. Now we have a free firewall blocking the spying activities of a paid for firewall. Can you believe that. We can also say that the Sygate Firewall is working and stopping ZoneAlarm from phoning home all the time with our private and confidential computer use data.

Here is the web site link for Sygate which is part of Symantec.

We are just very pleased that we are now blocking ZoneAlarm but it makes our blood boil.
*
 
Posts: 315
Joined: Thu Sep 01, 2005 9:48 pm

