Quote:
Atrocities said:
What does it mean when your Fire Wall reports that Outlook Express has several connections with other computers and list about 20 IP addresses?
Now you look and see that Outlook is not running in the task manager yet you cannot connect to the internet. You time out.
I have ran three differant virus scans, Panda Soft, Nortan, and one other, along with STINGER, Pest Patrol, Spy Bot and other programs. They all say my system is clean.
So my question is WTF? Could it be a Java or X based bug?
|
It doesn't have to be third-party spyware or other intrusion. Outlook Bug-Express has some very strange behaviors built right in. For one thing, when messenger spam is sent to your machine (UDP datagrams on port 1026 and 1027) it tries to open a connection to the originating site. Can't imagine what the purpose of that would be, but it's probably something in the messenger protocol. These odd connections you were noticing might have been related to these 'automatic' reactions to various pokes and prods from the network. The actual IP addresses would help in figuring this out. Add to this 'knee-jerk' network behavior the vulnerability to various 'scripts' that can be included in emails and get executed
automatically without you even viewing the message and it's really impossible to call it anything less than one huge security hole.
I agree with the recommendation to completely block it in your firewall and get a new email program. It's probably not smart to remove it, though. Since it is tied to IE and you need IE to get Windows Updates and possibly for other obscure things you'd be wise to just keep it around with the firewall playing goalie. Eudora is a decent email program, though it's becoming a bit overly commercial. Thunderbird is supposed to be pretty good now that it's finally the reached 1.0 stage. I still like the Mozilla suite with all of browser, email, and IRC chat in a single package.
