darksky-ga:
Loudcloud.com, now known as Opsware, is the company created by Marc
Andreesen, the creator of Mosaic (the first graphically-rich web
browser) following his departure from Netscape. Prior to renaming
themselves as Opsware and changing their business focus towards
outsourced applications, Loudcloud offered (among other things) web
hosting and web monitoring services. At their peak, Loudcloud could
boast of having customers as large and diverse as Nike, or
Britannica.com. The "cust.loudcloud.com" subdomain was (and is) used
as 'internal addresses' for their customer sites; normally, the
customer uses their own domain name to mask this loudcloud.com one.
When I look deeper into the particular customer site you mentioned in
your question, using online tools such as the ones so graciously
provided by CentralOps.net ( http://www.centralops.net/co/ ), I find
that 'm1769sjc.cust.loudcloud.com' is no longer online. This means
that this particular Loudcloud customer site is no longer in
operation. What or who was this site? It could have been as simple as
a quality feedback tracking tool built into Mozilla, or it could have
been something embedded in your Mozilla start page. Regardless, the
fact that the URL no longer resolves to an active server, and the fact
that you have blocked the URL at your firewall, means that you are
most likely safe. At the very least, given Loudcloud/Opsware's
reputation as a credible and ethical business, it is unlikely that
their former customer would have been engaged in anything harmful to
you or your PC.
If you want to be doubly certain that you are safe, and if you are not
already using a software firewall with program-level control over
Internet access, then I suggest you trial something like Zone Alarm,
which will give you a real-time view of which programs on your PC are
trying to access your Internet connection, and provide you the ability
to block or allow that access to observe what happens:
http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp?lid=zaskulist_download
Finally, I suggest that you try a couple of experiments on your own to
narrow down the cause of this issue even further. Try changing your
default start page in Mozilla, and see if the connection remains. In
the Firefox options and preferences, look for anything along the lines
of a quality monitoring option, or error reporting option, and disable
it. If you have any optional plugins or extensions installed, try
disabling them. After each change, check your netstat results to see
if the connection is still being attempted.
Good luck!
aht-ga
Google Answers Researcher |
Clarification of Answer by
aht-ga
on
04 Jul 2004 09:19 PDT
If, after you unblock the address from your firewall, you see that the
connection is still being established in netstat, then please also
perform a 'ping m1769sjc.cust.loudcloud.com' command to see what IP
address your PC is using to communicate to that name. My statement
above, that the address is no longer online, is based on the fact that
the loudcloud name servers are no longer resolving that exact name to
an IP address; however, your machine may either have that name and its
IP address cached, or entered locally. If you can determine the IP
address that your PC is using to establish the link, we can
investigate using that IP address to see what else can be found.
Thanks,
aht-ga
Google Answers Researcher
|
Request for Answer Clarification by
darksky-ga
on
04 Jul 2004 16:07 PDT
Looking at my firewall logs, I can see the connection is still trying
to be established. However I have discovered it not only activates
with mozilla but with some of the startup processes during boot. It
also attempts different ports each time. I tried the ping command and
it said it could not reslove the address. I suppose my next step is
to call the company making opsware to see if they have a way to detect
whether their products are on my system somehow. I have scanned with
adaware, webroots spy sweeper, norton, sophos, pestpatrol. Thanks for
the response.
|
