Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Sed posuere consectetur est at lobortis. Vestibulum id ligula porta felis euismod semper. Donec ullamcorper nulla non metus auctor fringilla. Aenean lacinia bibendum nulla sed consectetur. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Cras mattis consectetur purus sit amet fermentum. Morbi leo risus, porta ac consectetur ac, vestibulum at eros. Sed posuere consectetur est at lobortis. Etiam porta sem malesuada magna mollis euismod. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Aenean eu leo quam. Pellentesque ornare sem lacinia quam venenatis vestibulum. Curabitur blandit tempus porttitor. Sed posuere consectetur est at lobortis.
Have you ever been on www.sportingnews.com just for a visit?
It could be harmless
NY1986, this probably is harmless, although unusual. What operating system and service pack are you using? Windows doesn’t usually make http connections from ports greater than 4095 but I believe that a recent Microsoft update may have changed those rules and explain why you are seeing this.
I use Vista Home premium 32 bit with Vista Service pack 1. DSL connection on 24/7
I just found this entry on my connection log:
9/12/08 10:33:36am
Connection: fantasysource.sportingnews.com: http(80)
from MY-PC: Back-Orifice-2000(54320),
4248 bytes sent, 8099 bytes received, 1.034 elapsed time.
Now when I google Back-Orifice I see a lot of nasty information. But as you can see , I was connecting to
fantasysource.sportingnews.com and my computer full system scan last run early this am, shows no infections other than tracking cookie. I think I may know the answer, but would like confirmation
Does it show up like this on the connection log because historically port 54320 had been involved with Back Orifice infection, so because of that history the logging function has nicknamed port 54320 as Back Orifice?
I have been on this site fantasysource.sportingnews.com for a little bit this morning and notice other connections like :
9/12/08 10:33:36am
Connection: fantasysource.sportingnews.com: http(80)
from MY-PC: 54318,
8080 bytes sent, 38802 bytes received, 4.192 elapsed time.
where the port is 54318 is used. And other entries where 54319 was used. So is it that my conection is just going through the next avalable port and thus 54320 was next available?
Guess my bottom line question, the ports themselves are not exclusive to bad things? And that very possibly this is not a bad issue?
it appears I have a lot of connections running in the 5000+ range
I mean 50000+ range
Might a Norton staff look at this on Monday?