Why should I care? I would feel the same way, but, for Windows Update!
When I worked for an UK Internet Technology Company, whilst working there there where a great number of unsolicited connections comming from Chinese and South African IP addresses.
Investigation into this traffic proved the traffic to be Hacker Activity and specifically Brute Force attempts to gain access to one of the Companies SQL servers.
In my time I have rarely seen attacks comming from English or Ammerican IP addresses. Those countries are probably just too well regulated and locked down and people have much easier ways of making money (aquiring information?).
So basicly the solution was historically to block incomming connections from any unknown Chineese IP addresses (which makes perfect sense, all the companies I've worked for have been UK, Ammerica or NZ based and have little business ties to China).
Until I reciently discovered that Microsoft seem to have distributed Windows Update world wide. Now, your friendly regional updates are sourced (or might be sourced) from China Seems crazy? Its happend to me (I thought I had a virus... maybe I do?). It just seems to be that Windows Update wants to download its latest batch of updates from China.
Just incase there is someone out there why might be able to say "hey, yup.. its a virus" and maybe I'm misjudging Microsoft? Heres the IP address(s) in question:
213.199.149.103
213.199.149.104
Registered to : Beijing Urban Network Co.,Ltd
Being accessed when I run Windows Update for Windows Vista Ulitimate.
Hey maybe its just got f'ed up and can't recognise where my IP is and thinks I'm in China.. I'm open to possibilities?
Thursday 30 December 2010
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
What do YOU think?