IP address 143.252.156.16,80

  Belinda 19:03 18 Sep 05
Locked

Something on my PC keeps trying, through various ports, to access a website with IP address 143.252.156.16,80. My router blocks the connection.

I've run Adaware and Spybot and neither of them have identified this or dealt with it, whatever it is.

I've tried identifying the IP address on various websites, but don't understand the answers I'm getting, which aren't very informative in any case.

Does anyone know what might be doing this, or can anyone identify the owner of the IP address?

Thanks,

  Thalmus 19:09 18 Sep 05

Seems to be a company called Ripe from amsterdam, other than that, don't know

  GaT7 19:16 18 Sep 05

RIPE's website click here. When you visit their site, your IP address will be displayed just above 'RIPE WHOIS Database Search' on the right.

If I'm not mistaken, I've received spam emails in the past that apparently originated from their servers. They may not be responsible, but some of their users might. G

  keith-236785 19:34 18 Sep 05

The following is from a WhoIs search about the ip address 143.252.156.16

from the info it appears to be from News International in London. it might be that you are signed up to recieve news bullitens and this is why the same number keeps trying to get access.

Have a look and see if anything rings a bell, if not then just keep denying access.


% Information related to '143.252.0.0 - 143.252.255.255'
inetnum: 143.252.0.0 - 143.252.255.255
remarks:
remarks: This inetnum has been transfered as part of the ERX.
remarks: It was present in both the ARIN and RIPE databases, so
remarks: the information from both databases has been merged.
remarks: If you are the mntner of this object, please update it
remarks: to reflect the correct information.
remarks:
remarks: Please see the information for this process:
remarks: click here
remarks:
remarks: **** INFORMATION FROM ARIN OBJECT ****
remarks: netname: NEWS-INT-UK
descr: News International
descr: PO Box 481
descr: 1 Virginia Street
descr: London E1 9BD
remarks: country: GB
admin-c: MF2311-RIPE
tech-c: MF2311-RIPE
remarks: changed: [email protected] 19901026
remarks: changed: [email protected] 19950103
remarks: **** INFORMATION FROM RIPE OBJECT ****
netname: NEWS-INT-UK
descr: Times Supplements Limited
country: GB
admin-c: TE960-RIPE
tech-c: IR135-RIPE
rev-srv: ninl.newsint.co.uk ns.pipex.net
mnt-by: MNT-CENTERCORE
status: EARLY-REGISTRATION
source: RIPE # Filtered
person: Tony Evans
address: Times Supplements Limited
address: Admiral House
address: 66-68 East Smithfield
address: London
address: E1 9XY
address: England, UK
phone: +44 171 782 3000
fax-no: +44 171 782 3032
nic-hdl: TE960-RIPE
source: RIPE # Filtered
person: Martin Ford
address: News International
address: PO Box 481
address: 1 Virginia Street
address: London E1 9BD
address: GB
phone: +1 071 782 6795
nic-hdl: MF2311-RIPE
mnt-by: RIPE-ERX-MNT
source: RIPE # Filtered
person: Ian Reeves
address: Delphi Internet Ltd
address: The Elephant House
address: Hawley Crescent
address: London
address: NW1 8NP
address: GB
phone: +44 171 267 3620
fax-no: +44 171 757 7160
e-mail: [email protected]
nic-hdl: IR135-RIPE
source: RIPE # Filtered
% Information related to '143.252.0.0/16AS1849'
route: 143.252.0.0/16
descr: NEWS-INT-UK
origin: AS1849
mnt-by: AS1849-MNT
source: RIPE # Filtered

  keith-236785 19:37 18 Sep 05

stupid forum formatting

% Information related to '143.252.0.0 - 143.252.255.255'

inetnum: 143.252.0.0 - 143.252.255.255

remarks:
remarks: This inetnum has been transfered as part of the ERX.

remarks: It was present in both the ARIN and RIPE databases, so

remarks: the information from both databases has been merged.

remarks: If you are the mntner of this object, please update it

remarks: to reflect the correct information.
remarks:
remarks: Please see the information for this process:

remarks: click here

remarks:
remarks: **** INFORMATION FROM ARIN OBJECT ****
remarks: netname: NEWS-INT-UK

descr: News International

descr: PO Box 481

descr: 1 Virginia Street

descr: London E1 9BD

remarks: country: GB

admin-c: MF2311-RIPE

tech-c: MF2311-RIPE

remarks: changed: [email protected] 19901026

remarks: changed: [email protected] 19950103

remarks: **** INFORMATION FROM RIPE OBJECT ****

netname: NEWS-INT-UK

descr: Times Supplements Limited

country: GB

admin-c: TE960-RIPE

tech-c: IR135-RIPE

rev-srv: ninl.newsint.co.uk ns.pipex.net

mnt-by: MNT-CENTERCORE

status: EARLY-REGISTRATION

source: RIPE # Filtered

person: Tony Evans

address: Times Supplements Limited

address: Admiral House

address: 66-68 East Smithfield

address: London

address: E1 9XY

address: England, UK

phone: +44 171 782 3000

fax-no: +44 171 782 3032

nic-hdl: TE960-RIPE

source: RIPE # Filtered

person: Martin Ford

address: News International

address: PO Box 481

address: 1 Virginia Street

address: London E1 9BD

address: GB

phone: +1 071 782 6795

nic-hdl: MF2311-RIPE

mnt-by: RIPE-ERX-MNT

source: RIPE # Filtered

person: Ian Reeves

address: Delphi Internet Ltd

address: The Elephant House

address: Hawley Crescent

address: London

address: NW1 8NP

address: GB

phone: +44 171 267 3620

fax-no: +44 171 757 7160

e-mail: [email protected]

nic-hdl: IR135-RIPE

source: RIPE # Filtered

% Information related to '143.252.0.0/16AS1849'

route: 143.252.0.0/16

descr: NEWS-INT-UK

origin: AS1849

mnt-by: AS1849-MNT

source: RIPE # Filtered



thats better, i have removed the 80 from the end of the ip address as this normally refers to the port it is trying to open.

  pauldonovan 20:00 18 Sep 05

..is what it looks like. Have you downloaded an application relating to any of the newspapers in News International's stable?

  Thalmus 20:00 18 Sep 05

how did you perform your whois query? i used click here and got the resutls i posted above

  Thalmus 20:03 18 Sep 05

typed the ip address in ripes whois and got the info you got

  GANDALF <|:-)> 20:13 18 Sep 05

You will NOT get hacked on a home computer. Hackers are not interested in the utter drivel that is on mine and everyone else's

Firewalls are useful in stopping Trojans dialling out but to be honest, if someone wanted to put a dialler on a computer, it would not be rocket science. If you are on BB there is no chance of anything dialling out. There are at least 5 programmes that can by-pass firewalls, 'TooLeaky' having the Gibsonmeisters' grudgingly awarded seal of entry. The Cult of the Dead Cows' Back Orifice, cheekily named after Microsoft's' Back Office, could easily be put on a target computer, if one was really trying and the firewall would still be asleep dreaming of bytes.

However, like my computer, most home computers contain utter drivel which is important to the owner but naff all use to the great unwashed. Bank and credit card details can be culled much easier than rooting through turgid files on a home computer. Hacking is NOT about breaking into home computers, it is about getting onto networks using passwords.

The 'alerts/attacks' are merely computers on the net asking your computer if it is still connected; these queries are called 'handshakes'. When you are connected to the net you could be going through many servers and routers. This occurs in a millisecond, so you do not notice. All these routers and servers need to know that your computer is receiving, so that they can send images and WebPages to your IP, which is in effect, your mailbox or receiving station. When on the Net you can pass through more than 20 servers and routers and they could all be handshaking your computer at short intervals. You will notice many of the 'alerts' come from Telecoms, which should come as no surprise as they own most of the routers etc. It is also interesting and miraculous that the 'alerts' disappear when you pay for the *ahem* Pro-Version of a firewall (see Zonealarm;-) ).

If you were being hacked, I can assure you that you would not get an alert.

Turn off all the alert buttons/warnings on your firewall safe in the knowledge that you will not be hacked.

If it is any consolation, I do not use a firewall on both my computers and I am on BB. I use a firewall on my laptop only because I take it to clients...so out of respect for their fears....... If you want to use a firewall use one that works silently in the background such as Sygate, kerio unless you are networked onto a huge network, in which case you should be using a hardware firewall and your IT department will be looking after it; there is no point in paying for a firewall.

G

This thread is now locked and can not be replied to.

Amazon Fire HD 8 review: A brilliant combination of function and value – with one massive caveat

1995-2015: How technology has changed the world in 20 years

How to create an introvert-friendly workplace

Apple Watch 2 review | Apple Watch Series 2 review: New Apple Watch is faster, brighter, water-resit…