7 replies to this topic

[fivealive]

so i know one means its a program on my computer initiated it and the other means something outside my computer did it my question is which one is which i ask because i was talking to a friend i nsweden on skype and i got this

2012/08/02 17:18:34 -0400 JAY-PCL jay IP-BLOCK 213.163.65.60 (Type: incoming, Port: 16333, Process: skype.exe)
2012/08/02 17:18:34 -0400 JAY-PCL jay IP-BLOCK 213.163.65.60 (Type: incoming, Port: 16333, Process: skype.exe)
2012/08/02 17:18:42 -0400 JAY-PCL jay IP-BLOCK 213.163.65.60 (Type: incoming, Port: 16333, Process: skype.exe)
2012/08/02 17:18:42 -0400 JAY-PCL jay IP-BLOCK 213.163.65.60 (Type: incoming, Port: 16333, Process: skype.exe)
2012/08/02 17:18:50 -0400 JAY-PCL jay IP-BLOCK 213.163.65.60 (Type: incoming, Port: 16333, Process: skype.exe)


i dont get it because it says incoming and iv never seen an incoming one before just outgoing

i do know their is a thread explaining what the difference of outgoing and incoming is but for some reason i cant find it.


i also know i dont have to worry since mbam blocked the connection but what i dont get is i thought Microsoft stop the supernode thing and that they have servers their running on their own now.

(or could it be the ad that was blocked well i was running the app?)

eitherway im curious

[AdvancedSetup]

http://forums.malwar...showtopic=10138

http://forums.malwar...post&pid=162100

[Strenalis]

Edit: Ron beat me to it. That's what I get for writing a novel.

An outgoing packet is when something from your own system is sent to another somewhere else in the world. An incoming packet is data that has been sent from a system out in the world somewhere to your own computer. With both types, Malwarebytes Anti-Malware will block this data so that packets with a destination to a bad IP will be stopped from leaving your computer, and packets from a bad IP headed towards your computer will be intercepted.

If the packets are coming and going through Skype, then it's more than likely not an issue. Yes, Microsoft ditched true peer to peer convention when they introduced supernodes, but it's still possible to connect to other Skype clients. Since I'm not a Microsoft employee, I haven't seen the underlying networking code for how a client interacts with other clients and supernodes. But I would imagine that it if 100% of data was being handled only by supernodes, then the servers could easily be overloaded. Instead, less important packets of data might be sent back and forth between regular users to give some breathing room to the supernodes, while more important data like that which contains encrypted personal information (ie your conversations and phone calls on Skype) are handled strictly by the supernodes for obvious security reasons.

Again, I'm not a Microsoft employee so this is just my take on why some Skype users are still connecting to malicious IP's.

Hope this helps.

[fivealive]

ah alright thanks both of you for the answers.

[DarkSnakeKobra]

Now if something were to be incoming then you would have something to worry about.

[AdvancedSetup]

Actually outgoing is typically of more concern. Incoming you can't really analyze and all you can do is block it with a firewall. Outgoing means that your computer is the one reaching out for some reason and if you don't know why then that could potentially be of concern. Don't forget though that every computer is constantly handling thousands of events and talking up a storm to every one around that will listen.

Run WireShark on your computer for 30 minutes and you might be amazed and how much inside/outside talking your computer is actually doing around the clock while it's on and no programs even really running.

[fivealive]

ah alright and dark if you look at the log i posted it is incomingXD but mbam blocked it

[DarkSnakeKobra]

AdvancedSetup, on 03 August 2012 - 12:31 AM, said:

Actually outgoing is typically of more concern. Incoming you can't really analyze and all you can do is block it with a firewall. Outgoing means that your computer is the one reaching out for some reason and if you don't know why then that could potentially be of concern. Don't forget though that every computer is constantly handling thousands of events and talking up a storm to every one around that will listen.

Run WireShark on your computer for 30 minutes and you might be amazed and how much inside/outside talking your computer is actually doing around the clock while it's on and no programs even really running.

Gotcha.