Warning, possible hack attempt on Forum
Mike in Denver
July 10th, 2004, 10:13 AM
I don’t know if this means anything or not, but every time I open the thread, “The True Israel...” my firewall (actually a network watcher program called “Little Snitch”) informs me that an attempt is being made to open a port to my computer. I deny the connection and the thread loads. This has never happened on VNN forum or any other forum.
Safari wants to connect to d57-119-56.home.cgocable.net on TCP port 8080 (http-alt.)
I’m using a Macintosh, with OS 10.3.4. My browser is Safari.
I suspect that this is a hack attempt. Again, this has never happened before.
Enkidu
Der Henker
July 10th, 2004, 11:25 AM
There is a pic posted in that thread at this post:
http://www.vnnforum.com/showpost.php?p=84538&postcount=3
The URL for the pic is
http://www2.timmysnow.com:8080/patrolmen/cato/pc0392.jpg
www2.timmysnow.com IP address is 24.57.119.56
$ dig -x 24.57.119.56
;; ANSWER SECTION:
56.119.57.24.in-addr.arpa. 86400 IN PTR d57-119-56.home.cgocable.net.
;; AUTHORITY SECTION:
119.57.24.in-addr.arpa. 86400 IN NS vader.cogeco.net.
119.57.24.in-addr.arpa. 86400 IN NS maul.cogeco.net.
$ whois timmysnow.com
Registrant:
timsnow.com
3164 Elmwood
London, Ontario n8r 4x4
Canada
Registered through: CheapDomain.com
Domain Name: TIMMYSNOW.COM
Created on: 06-Mar-03
Expires on: 06-Mar-05
Last Updated on: 06-Mar-03
Administrative Contact:
Oue, Tim timoue@cogeco.ca
timsnow.com
3164 Elmwood
London, Ontario n8r 4x4
Canada
(519) 980-2651 Fax --
Technical Contact:
Oue, Tim timoue@cogeco.ca
timsnow.com
3164 Elmwood
London, Ontario n8r 4x4
Canada
(519) 980-2651 Fax --
Domain servers in listed order:
NS1.MYDYNDNS.ORG
NS2.MYDYNDNS.ORG
NS3.MYDYNDNS.ORG
NS4.MYDYNDNS.ORG
NS5.MYDYNDNS.ORG
Looks like the person hosting the pic is just running a personal webserver off their home computer on port 8080. The error message you posted just says that Safari wants to connect to this server. What port is it trying to open (connect to) on your machine?
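The correlation done by hand in the post above (embedded image URL, forward lookup, reverse lookup, compare with the firewall prompt), as an added example that is not part of the original post. `explain_alert`, `ResourceCollector` and `thread_lookup` are hypothetical names, the HTML is a constructed sample, and the stub's DNS answers are the ones from the dig output in the post.

```python
import socket
from html.parser import HTMLParser
from urllib.parse import urlsplit
AUTO_FETCH = {("img", "src"), ("script", "src"), ("iframe", "src")}  # fetched on render
DEFAULT_PORTS = {"http": 80, "https": 443}

class ResourceCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.urls = []
    def handle_starttag(self, tag, attrs):
        self.urls += [v for k, v in attrs if (tag, k) in AUTO_FETCH and v]

def system_lookup(host):
    """Forward then reverse DNS, like `dig` + `dig -x`: returns (ip, ptr or None)."""
    ip = socket.gethostbyname(host)
    try:
        return ip, socket.gethostbyaddr(ip)[0]
    except OSError:
        return ip, None

def explain_alert(html, alert_host, alert_port, lookup=system_lookup):
    """Return embedded URLs whose port and host (name, IP or PTR) match the alert."""
    collector = ResourceCollector()
    collector.feed(html)
    wanted = alert_host.lower().rstrip(".")
    matches = []
    for url in collector.urls:
        parts = urlsplit(url)
        port = parts.port or DEFAULT_PORTS.get(parts.scheme)
        if not parts.hostname or port != alert_port:
            continue  # relative (same-origin) URL, or a different port
        try:
            ip, ptr = lookup(parts.hostname)
        except OSError:
            continue  # name does not resolve
        if wanted in {parts.hostname, ip, (ptr or "").lower().rstrip(".")}:
            matches.append(url)
    return matches

# Constructed sample post body; the image URL is the one quoted in the thread.
SAMPLE_HTML = ('<div><img src="http://www2.timmysnow.com:8080/patrolmen/cato/pc0392.jpg">'
               '<img src="/images/smile.gif"></div>')

def thread_lookup(host):
    """Offline stub (hypothetical) holding the DNS answers shown in the thread."""
    if host != "www2.timmysnow.com":
        raise OSError("no such host")
    return "24.57.119.56", "d57-119-56.home.cgocable.net"
```

Called without the `lookup` argument it resolves names through the system resolver; an empty result means nothing embedded in the page accounts for the prompt.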
Mike in Denver
July 10th, 2004, 12:25 PM
This is the only message my network watcher gives me:
"Safari wants to connect to d57-119-56.home.cgocable.net on TCP port 8080 (http-alt.)"
I'm not technically knowledgeable enough or set up to extract more information. I've gotten similar messages on legit sites, such as amazon.com just as I go to my account to finish a purchase.
I wish I could help more. If it is really a hack attempt, we will have to rely on the tech. whizbos to figure it out. Looks like Der Henker has done some good work.
Enkidu
Greenbergman
July 10th, 2004, 12:56 PM
Lol, I am not exactly expecting you to trust me. But if you read my post it's not exactly some anti-white ranting. It was just talking about some skewed versions people have about Israel.
I have no idea how to hack nor do I have any idea about what all that stuff is that Der Henker posted. It looks like info about the guy in the pic.
I got it from a PM and I didn't get any port pop up things. So if anybody was supposed to be hacked it was supposed to be me but I don't believe that what you saw was even someone attempting to hack. It probably just has something to do with the guy's server.
Der Henker
July 10th, 2004, 01:21 PM
I don't think it's anything but the guy's machine serving the image file. I don't know anything about how Enkidu's "network monitor" program works or what settings you can adjust or what "sets it off." From here, nothing seems unusual, i.e., not a single dropped packet at my firewall (which is very restrictive) from that address, which tells me the server providing the image is doing only what I (and you when you load the thread) asked it to do - providing the image.
Mike in Denver
July 10th, 2004, 01:57 PM
False Alarm, --- I now think so too. It’s rare that anything sets the warning off, so just in case ... and, I have never gotten the message on a forum, images or not, not once.
Legitimate web sites will set the alarm off if I make a secure purchase. I get the message when I open a browser or mail program that I have not yet configured. I get the message at my bank’s web site. Other than that, I don’t see the alarm twice a week. I can configure these sites to not set off the alarm, but other than for my browsers and mail program, I don’t do that.
The documentation (sparse) that comes with the program, “Little Snitch,” warns that web sites open a port before downloading a file to your computer, and that file could be an executable that you might not want running on your computer.
I guess I’m a tad over-cautious. I’ve got my browser set up to not automatically run or un-zip any download. Also the latest security update from Apple, if configured to do so, puts up an alarm on the first attempted execution of any program, that is, the very first time the program attempts to run.
Der Henker, thanks for looking at this, though.
Fortress Enkidu
Anima Eternae
July 10th, 2004, 02:39 PM
edit: nevermind....
Fiat Albus
July 10th, 2004, 02:53 PM
first of all if you are using MSIE and haven't applied the Microsoft security updates, do so.
next, looking at the info this is not a hack attempt. traditional http requests are made at port 80. this image was served from a web server running an http service on port 8080. that's why the firewall popped up. http requesting a .jpg file is safe, some personal webservers/webcams, etc., serve http over port 8080. it's not a big deal
so there have been no hack attempts here? you should take that as an indictment that you aren't making any progress.
10-12
FranzJoseph
July 10th, 2004, 03:00 PM
Why should an enemy hack the place? They can just sign up and post baloney. Some of it's fun to read, but it chases off more people than a hack attack would.
Steve B
July 10th, 2004, 06:35 PM
so there have been no hack attempts here? you should take that as an indictment that you aren't making any progress.
10-12
Tell that to Alex Linder. Hacked, cracked and DOS attacked from server to server, nimrod!