Guys, Just block the traffic altogether. You should be doing that anyway. Its just good security practice.
On your ubuntu, linux, solaris server or whatever just blackhole all the traffic. Example: In Ubuntu just type the command: sudo ip route add blackhole 91.0.0.0/8 You can verify this with the route -n command. Now start blocking tons of traffic. There are different ways to block traffic but this is my favorite. No messages are sent back such as unreachables as with reject messages. Think about it for a second. If you send a reject message such as destination unreachable then didn't I just find out that there is a live device somewhere? Who cares if the icmp was successful or not. My whole point was network reconnaissance. So black hole all of your traffic and hide in the shadows :-) Here in the US I block all IP subnets out side of my country such as Russia, China and so forth. If there is a specific need then you can simply unblock the traffic when desired. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ubuntu-geoip in Ubuntu. https://bugs.launchpad.net/bugs/944251 Title: Unwanted secret outbound connection Status in The Date and Time Indicator: Invalid Status in “indicator-datetime” package in Ubuntu: Invalid Status in “ubuntu-geoip” package in Ubuntu: Invalid Status in “unity-scope-video-remote” package in Ubuntu: Opinion Bug description: On my Precise box i found some unwanted connections. I never told any process/programm to do that. output of 'netstat -atulpen' tcp 1 0 10.1.2.4:35438 46.137.162.6:80 CLOSE_WAIT 1000 16447 2322/python tcp 1 0 10.1.2.4:51869 91.189.94.25:80 CLOSE_WAIT 1000 8846 2303/ubuntu-geoip-p output of 'ps faux | grep 2322' 1000 2322 0.0 0.2 607636 17320 ? Sl 09:02 0:00 /usr/bin/python /usr/lib/unity-scope-video-remote/unity-scope-video- remote output of 'ps faux | grep 2303' 1000 2303 0.0 0.0 160488 5220 ? S 09:02 0:00 /usr/lib/ubuntu-geoip/ubuntu-geoip-provider output of ' whois 46.137.162.6': inetnum: 46.137.128.0 - 46.137.191.255 netname: AMAZON-EU-AWS descr: Amazon Web Services, Elastic Compute Cloud, EC2, EU output of ' whois 91.189.94.25': inetnum: 91.189.88.0 - 91.189.95.255 netname: CANONICAL-CORE descr: Canonical Ltd Whatever you are doing: Stop doing this things with _my_ computer without asking me! If i want phone-home-stuff, i can watch ET or use M$ W!nd*ws. To manage notifications about this bug go to: https://bugs.launchpad.net/indicator-datetime/+bug/944251/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
