On Wed, Dec 3, 2014 at 5:49 AM, g <geleem@xxxxxxxxxxxxx> wrote:
> i have been noticing a short connection burst in system monitor every
> time i connect to internet.
>
> i got curious and decided to run wireshark to see what was happening.
>
> seems that i am connecting to 96.195.141.178 with destination of
> "PartedMagic".
>
> this seemed strange because i do not have PartedMagic installed, so
> i ran a 'whois' check.
> this is what it showed:
>
> IP Location United States United States Pittsburgh
> Comcast Cable Communications Llc
> ASN United States AS7922 COMCAST-7922
> - Comcast Cable Communications, Inc.,US
> (registered Feb 14, 1997)
> Resolve Host m001dd684d074.pitt1.pa.comcast.net
> Whois Server whois.arin.net
> IP Address 96.195.141.178
> NetRange: 96.192.0.0 - 96.223.255.255
> CIDR: 96.192.0.0/11
> NetName: COMCAST-VOIP-4
> NetHandle: NET-96-192-0-0-1
> Parent: NET96 (NET-96-0-0-0-0)
> NetType: Direct Allocation
> OriginAS:
> Organization: Comcast Cable Communications, LLC (CCCS)
>
> is this something for concern?
>

Maybe. A bit odd since that's assigned as Comcast VOIP and not a static customer block.

>
> if so, what is/are best way/s to track this down?
>

I'd dump the traffic with tcpdump or wireshark and analyze it.

What type of traffic is it? (transport layer protocol, as well as application protocol -- ex: HTTP is TCP port 80)

Are there any DNS queries that happen prior to the spike? Use wireshark to capture them and that might give a clue.

You could also use nethogs to diagnose and determine what program is causing the spike.
http://nethogs.sourceforge.net/

--
---~~.~~---
Mike
// SilverTip257 //
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
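The checks suggested in the reply above (which transport and port the burst uses, and whether a DNS query precedes it), sketched as an added example that is not part of the original thread. It reads text in the format printed by `tcpdump -nn -tt`; the sample lines, the client and resolver addresses and `host.example.` are constructed placeholders, not data from the poster's capture.

```python
import re

SUSPECT_IP = "96.195.141.178"  # address reported in the thread

# Constructed sample in `tcpdump -nn -tt` text format (not a real capture);
# 192.168.1.x and host.example. are placeholders.
SAMPLE = """\
1417603740.100000 IP 192.168.1.10.53211 > 192.168.1.1.53: 4660+ A? host.example. (30)
1417603740.120000 IP 192.168.1.1.53 > 192.168.1.10.53211: 4660 1/0/0 A 96.195.141.178 (46)
1417603740.130000 IP 192.168.1.10.40000 > 96.195.141.178.80: Flags [S], seq 1, win 29200, length 0
1417603740.180000 IP 96.195.141.178.80 > 192.168.1.10.40000: Flags [S.], seq 9, ack 2, win 14480, length 0
1417603740.181000 IP 192.168.1.10.40000 > 96.195.141.178.80: Flags [.], ack 10, win 229, length 0
1417603741.000000 IP 192.168.1.10 > 192.168.1.1: ICMP echo request, id 1, seq 1, length 64
"""

LINE = re.compile(r"^(\d+\.\d+) IP (\S+) > (\S+): (.*)$")
QUERY = re.compile(r"^(\d+)\S* (?:A|AAAA)\? (\S+)")       # "<id>+ A? name."
ANSWER = re.compile(r"^(\d+)\S* \d+/\d+/\d+ (.*) \(\d+\)$")  # "<id> 1/0/0 A addr (len)"

def endpoint(text):
    """Split 'a.b.c.d.port' into (ip, port); port is None when absent (ICMP)."""
    if text.count(".") != 4:
        return text, None
    ip, _, port = text.rpartition(".")
    return ip, int(port)

def analyze(capture, suspect=SUSPECT_IP):
    """Report DNS names that resolved to `suspect` and outbound flows to it."""
    pending, names, flows, first_seen = {}, [], {}, None
    for raw in capture.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts, rest = float(m[1]), m[4]
        (src, sport), (dst, dport) = endpoint(m[2]), endpoint(m[3])
        if dport == 53 and (q := QUERY.match(rest)):
            pending[(src, sport, q[1])] = q[2]        # remember who asked for what
        elif sport == 53 and (a := ANSWER.match(rest)):
            name = pending.pop((dst, dport, a[1]), None)
            if name and suspect in re.findall(r"\bA (\d+(?:\.\d+){3})", a[2]):
                names.append(name)                    # this lookup led to the suspect IP
        elif dst == suspect:
            tcp = rest.startswith("Flags [")          # tcpdump prints TCP flags first
            proto = "tcp" if tcp else (rest.split() or ["?"])[0].rstrip(",").lower()
            flows[(proto, dport)] = flows.get((proto, dport), 0) + 1
            first_seen = ts if first_seen is None else first_seen
    return {"names": names, "flows": flows, "first_seen": first_seen}

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

An empty `names` list with non-empty `flows` means nothing in the capture resolved a name to the address before the connection was made.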