VMP’s or Vile Machine Probes!

Over the past several blogs, I’ve been reporting on netstat as a tool to find out who is connecting to my machine. I assumed up until yesterday that all of the Microsoft connections were beneficial updates and not data mining excursions. Now I know different. I was using both netstat and X-netstat 5.1 and in addition to (198.65.147.194) which I reported on in three different posts (1, 2, 3), I decided to check the rest of the connections from some sites.

First, I went to fatsavage.wordpress.com and found the ever present carnivore which you really can’t do much about. In addition there was the wordpress-Akamai services, the Snap tool, Google statistics and ltdomains.com which is also related to WordPress. In addition, there were connections from unknown.level3.net and Panther Express which is a direct competitor of Akamai and certainly wasn’t invited by ether them or I

When I went to this site (Tigerstail.wordpress.com), there were two connections from unknown.level 3 and Panther Express was gone. I went to a fairly non confrontational site and nobody bothered to monitor me except Google stats which is everywhere. I than went to fatsavage.com, home of the Fatsavage Shitlist of Law Enforcement Honeypots, and netstat lit up like a meteorite self destructing over Tunguska.

There were the normal connections by my blog host and Amazon and most of them used multiple connections to speed up the content feed but nothing like Carnivore from my local ISP. It tapped into my machine on 63 different ports at the same time. This is like the previously described hitbot on speed and I’m sure it was looking for hashed kiddie porn pictures which would identify the visitor as a pedophile instead of a libertarian protesting domestic spying.

This is not the first time I’ve witnessed VMP. I caught one site connecting on over 100 ports but was so stunned that I wasn’t quick enough to catch it on a hard copy.

VMP stands for Vile Machine Probes but is a direct tribute to Dr. Spock and the technical capabilities of the Vulcan Mind Probe. Of course the original VMP’s were dangerous because there was always a sharing of information and also a chance of physical damage to the weaker species. The same is true today.

By the way, I use a Firefox Browser on a Windows XP machine with updated PCcillin anti-virus and firewall. Once your using a Windows operating system, it’s splitting hairs to argue about who has the best antivirus.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: