Computer forcing access to IP address to allow program to connect



#1
lsmithcom


I've got a computer that is running behind a Palo Alto firewall. The PC uses a program called Endicia to create shipping labels. It also has internet access to a remote MySQL database. I started to lock down the firewall rules so the computer would only be able to access the internet for the software above, and found that unless I granted access to a different IP address, the Endicia software would not connect. I contacted the software vendor and they swear that the IP address that is requiring connection is not one of theirs.

I'm trying to figure out if this is a sign of an infected computer. Is it possible for malware to be able to block internet access to valid IP addresses if the IP address to their infected IP address is not open? Oh, one other thing that happens on this computer is that it constantly tries to connect to other computers on the network. The firewall shows repeated attempts to contact internal IP addresses that have been removed from the computer.

If I have to clean up this computer, is it good enough to simply stick in a CD with KillDisk on it and nuke the hard drive and then use the installation CDs to reinstall, or can malware survive in memory if it is a really smart rootkit? Are there any other steps I should take that will wipe this computer absolutely clean and destroy any possibility of a rootkit, so I can reinstall the operating system XP and software programs?

Thanks for any help.




#2
Crag_Hack

Crag_Hack

    Trusted Helper

  • Malware Removal
  • 1,775 posts

A wipe should get rid of any malware unless some is hiding on a USB stick or CD you hook up to the computer. Also, you can lock down your computer with a non-admin account after a fresh install to restrict any malware that tries to run subsequently.

