Archived from groups: microsoft.public.win98.gen_discussion (
More info?)
'Outlook Express' from your computer wants to send UDP datagram to
64.136.28.120, port 53
Yea, I got it too, a series of them! I notice it will happen when those
global UDP rules are disallowed & one clicks to open a NG in the left
pane of OE.
IE also will complain when opening the first instance of it by clicking
an URL.
--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
should things get worse after this,
PCR
pcrrcp@netzero.net
"PCR" <pcrrcp@netzero.net> wrote in message
news:e0nkjTpqFHA.3720@TK2MSFTNGP14.phx.gbl...
| You are welcome. No, by PA's words, don't allow it. In fact, deny it &
| have Kerio create a rule against it. That is easy to figure: it's
right
| on the alert box. Then, see whether OE still functions for you. You
may
| even edit the rule to have it inform you when it happens... R-Clk
Kerio
| in the tray, select "Administration", click the Advanced button, D-Clk
| the new OE rule, & put a check in "Display an alert box...".
|
| Hmm-- how many OE rules are showing at that screen before the new one?
| Is there one already denying UDP?
|
| Well, try the sites Bear posted. The message you posted was...
|
| (a) "I get an unexpected prompt that OE wants to connect to a URL or
| ISP"
| Well, that sounds like the one I get that's normal when the rule
| for TCP is disallowed...
| "'Outlook Express' from your computer wants to connect to
| 207.46.248.16, port 119"
|
| (b) "'Outlook Express' from your computer wants to send UDP datagram
to
| localhost [127.0.0.1], port 1230"
|
| That one I haven't seen, actually. I do appear to have two rules
| involving UDP above the OE rule. They each appear to be very liberal
in
| allowing it-- any app, any port, whatever. I have unchecked them now
to
| disallow it, & let us see what happens.
|
| Yikes, almost immediately, NetZero is doing a lot of complaining...
| "Someone from 64.136.28.120, port 53 wants to send UDP datagram to
port
| 1122 owned by 'ZCast' on your computer". (I wonder whether that
explains
| it's stealth updates.)
|
| But OE hasn't yet complained.
|
|
| --
| Thanks or Good Luck,
| There may be humor in this post, and,
| Naturally, you will not sue,
| should things get worse after this,
| PCR
| pcrrcp@netzero.net
| "Lorraine" <notme@nowhere.net> wrote in message
| news:AsMPe.679845$cg1.24737@bgtnsc04-news.ops.worldnet.att.net...
| | Thanks PCR and PA Bear. I really appreciate the information but it
is
| too much
| | tech.-talk for me, besides I'm too old to absorb all that. My
brain's
| RAM is
| | functioning but its hard drive is kaput. Very good UDP datagram
| explanation PA
| | Bear. I don't know what will happen but I let the last one go
through.
| I don't
| | believe I have anything of importance on my computer. I never used a
| credit card
| | and I store everything personal on CDs. I do use several PC cleaners
| and they
| | found lots of stuff. I clean out this computer regularly but I did
| some heavy
| | searching and got caught up in what I was doing and accumulated a
| bunch of
| | trash. My mistake and that could be the cause. I deleted almost all
| the programs
| | that I updated or installed prior to when this situation started but
| today it
| | just came back again. This computer is my 3rd one purchased in July
| 1999. Until
| | about a week ago I never got this alert. I really am not that
computer
| literate,
| | self-thought with the help of newsgroups like this one and to me
this
| appears to
| | be some form of bug. But I'm guessing. There is a site that will
| analyze your
| | computer for viruses but I can't remember were I stored it. Either
of
| you know
| | of one? Again, thank you.
| |
| |
| | "PA Bear" <PABearMVP@gmail.com> wrote in message
| | news:OjE0kcnqFHA.2212@TK2MSFTNGP15.phx.gbl...
| | > Lorraine wrote:
| | > > > > Thanks PA Bear I just checked and the settings are as you
show
| below.
| | > > > > Your point about OE running in the background could be
correct
| as I
| | > > > > sometimes check email and/or newsgroups but I don't always
| close the
| | > > > > program. I'll have to watch that. But even if OE is running
in
| the
| | > > > > background it should not just try to dial out unless a
program
| | > > > > initiated it? Could it be OE itself? I will keep a close eye
| on it
| | > > > > when it happens again and write down exactly who it is
sending
| too.
| | > > >
| | > > > Since you said you were already connected to the internet when
| this
| | > > > occurs, there is no need for it to dial out. If OE is open
and
| you have
| | > > > its options set to check for new mail at intervals, that is
| exactly what
| | > > > it will do.
| | > > >
| | > > > Are you running a firewall program and is it that program that
| is
| | > > > telling you that OE wants to connect? Have you updated OE
| recently?
| | > >
| | > > <snip>
| | > >
| | > > OE is open and options are not set to check for new mail at
| intervals. I
| | > > am running Kerio firewall, which is alerting me to the outgoing
| message.
| | > > I keep IE updated but I never updated OE specifically as I
assumed
| that
| | > > was part of the IE update? Am I in error here? I realize that
| attachments
| | > > are frowned upon here but I have a 28 KB Word document which I
can
| post
| | > > showing the error box if acceptable?
| | > >
| | > > Kerio Personal Firewall
| | > > Outgoing Connection Alert!
| | > > 'Outlook Express' from your computer wants to send UDP datagram
to
| | > > localhost [127.0.0.1], port 1230
| | >
| | > 1. Make *certain* you're fully up-to-date at Windows Update.
| | >
| | > 2. Check for Hijackware
| | >
http://aumha.org/a/parasite.htm
| | >
http://aumha.org/a/quickfix.htm
| | >
http://aumha.net/viewtopic.php?t=5878
| | >
http://mvps.org/winhelp2002/unwanted.htm
| | >
http://inetexplorer.mvps.org/data/prevention.htm
| | >
http://inetexplorer.mvps.org/archive/tshoot.html
| | >
http://www.mvps.org/sramesh2k/Malware_Defence.htm
| | > http://defendingyourmachine.blogspot.com/
| | >
| | > When all else fails, HijackThis v1.99.1
| | > (http://aumha.net/downloads/hijackthis.zip) is the preferred tool
to
| use.
| | > It will help you to both identify and remove any
hijackware/spyware.
| **Post
| | > your log to http://forums.spywareinfo.com/,
| | >
http://castlecops.com/forum67.html or
|
http://aumha.net/viewforum.php?f=30
| | > for expert analysis, not here.**
| | > --
| | > ~Robear Dyer (PA Bear)
| | > MS MVP-Windows (IE/OE, Shell/User, Security), AH-VSOP
| | >
| |
|
|