Google Answers Logo
View Question
Q: what does this connection mean in netstat??? ( Answered,   0 Comments )
Subject: what does this connection mean in netstat???
Category: Computers > Internet
Asked by: darksky-ga
List Price: $10.00
Posted: 04 Jul 2004 00:16 PDT
Expires: 03 Aug 2004 00:16 PDT
Question ID: 369443
Recently while checking netstat I noticed a strange connection to   It seems to initiate when launching
Mozilla Firefox but not IE.  I managed to block it with my firewall
but why is this happening? I have scanned for trojans and viruses.  Is
there anyway to look up this address or get more info on how to stop
this?  Should I be afraid that my computer has been hacked? Nothing
else seems to be strange about my system.  Using Windows XP.
Subject: Re: what does this connection mean in netstat???
Answered By: aht-ga on 04 Jul 2004 01:54 PDT
darksky-ga:, now known as Opsware, is the company created by Marc
Andreesen, the creator of Mosaic (the first graphically-rich web
browser) following his departure from Netscape. Prior to renaming
themselves as Opsware and changing their business focus towards
outsourced applications, Loudcloud offered (among other things) web
hosting and web monitoring services. At their peak, Loudcloud could
boast of having customers as large and diverse as Nike, or The "" subdomain was (and is) used
as 'internal addresses' for their customer sites; normally, the
customer uses their own domain name to mask this one.

When I look deeper into the particular customer site you mentioned in
your question, using online tools such as the ones so graciously
provided by ( ), I find
that '' is no longer online. This means
that this particular Loudcloud customer site is no longer in
operation. What or who was this site? It could have been as simple as
a quality feedback tracking tool built into Mozilla, or it could have
been something embedded in your Mozilla start page. Regardless, the
fact that the URL no longer resolves to an active server, and the fact
that you have blocked the URL at your firewall, means that you are
most likely safe. At the very least, given Loudcloud/Opsware's
reputation as a credible and ethical business, it is unlikely that
their former customer would have been engaged in anything harmful to
you or your PC.

If you want to be doubly certain that you are safe, and if you are not
already using a software firewall with program-level control over
Internet access, then I suggest you trial something like Zone Alarm,
which will give you a real-time view of which programs on your PC are
trying to access your Internet connection, and provide you the ability
to block or allow that access to observe what happens:

Finally, I suggest that you try a couple of experiments on your own to
narrow down the cause of this issue even further. Try changing your
default start page in Mozilla, and see if the connection remains. In
the Firefox options and preferences, look for anything along the lines
of a quality monitoring option, or error reporting option, and disable
it. If you have any optional plugins or extensions installed, try
disabling them. After each change, check your netstat results to see
if the connection is still being attempted.

Good luck!

Google Answers Researcher

Request for Answer Clarification by darksky-ga on 04 Jul 2004 02:38 PDT
Thx for the reply.  I was wondering would netstat still say connection
established if the site was truly dead?  Also I don't have a start
page and I only have the one plugin that comes with it.  I guess ill
try to remove that and see.  Thanks again.

Clarification of Answer by aht-ga on 04 Jul 2004 09:19 PDT
If, after you unblock the address from your firewall, you see that the
connection is still being established in netstat, then please also
perform a 'ping' command to see what IP
address your PC is using to communicate to that name. My statement
above, that the address is no longer online, is based on the fact that
the loudcloud name servers are no longer resolving that exact name to
an IP address; however, your machine may either have that name and its
IP address cached, or entered locally. If you can determine the IP
address that your PC is using to establish the link, we can
investigate using that IP address to see what else can be found.


Google Answers Researcher

Request for Answer Clarification by darksky-ga on 04 Jul 2004 16:07 PDT
Looking at my firewall logs,  I can see the connection is still trying
to be established.  However I have discovered it not only activates
with mozilla but with some of the startup processes during boot.  It
also attempts different ports each time. I tried the ping command and
it said it could not reslove the address.  I suppose my next step is
to call the company making opsware to see if they have a way to detect
whether their products are on my system somehow.   I have scanned with
adaware, webroots spy sweeper, norton, sophos, pestpatrol.  Thanks for
the response.

Clarification of Answer by aht-ga on 04 Jul 2004 17:53 PDT
If you wish to contact Opsware about this, use the following e-mail address:

This is from the following web page:

In your e-mail, it's probably a good idea at the very beginning to
explain that you are contacting due to a concern that they have
installed spyware on your computer. That should get their attention.
Provide the '' information to them, they
should be able to refer to their past records to see who this is/was.

Good luck!
There are no comments at this time.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  

Google Home - Answers FAQ - Terms of Service - Privacy Policy