Dart+Communications+PowerTCP

Forum Moderators: open

Message Too Old, No Replies

Dart+Communications+PowerTCP

paul_london

10:57 pm on Jan 22, 2003 (gmt 0)

22/01/03 19:44:23 81.73.141.41
- W3SVC3166213.171.193.3980HEAD/index.htm-200030917931HTTP/1.0/Dart+Communications+PowerTCP--
anyone know what this is?
paul london

threecrans

4:53 pm on Feb 10, 2003 (gmt 0)

This is a bot written using one of the PowerTCP HTTP activeX controls.

paul_london

10:12 pm on Feb 10, 2003 (gmt 0)

'PowerTCP HTTP activeX controls'
what does that mean exactly, bit of a newbie

wilderness

4:03 am on Feb 11, 2003 (gmt 0)

<snip>'PowerTCP HTTP activeX controls'
what does that mean exactly, bit of a newbie</snip>

Paul,
Active X is not a good thing to have enabled if you store sensitive data.
Through Active X it is entirely possible (if your using a Windows OS) for somebody to access your Windows Registry or most any other part of your hard drive through JS.

As a precaution it is best to turn off both Active X and ANY kind of scripting when online (either email or internet.)

digitaleus

7:19 am on Feb 11, 2003 (gmt 0)

Wilderness,

Although that is good advice it does not relate to Paul's query. Paul is recieving hits from the activeX control, on someone else's machine.

Paul,

You must really be a newbie if you don't know how to copy and paste into google :P

Seems to be something made by these guys [dart.com...]

A brief glance suggests that it is a toolkit that can be used to make your own bot. In other words, the user-agent doesn't tell you who made this bot, except that they're possible a bit amateur. The IP address will be your main clue.

digitaleus

7:26 am on Feb 11, 2003 (gmt 0)

Two pieces of info :)

Reverse lookup gives us host41-141.pool8173.interbusiness.it

Visiting [81.73.141.41...] brings up a basic-auth login, domain "ADSL Router Configuration Web Server".

Looks like it's just some random user who's made themselves a bot :)

paul_london

12:06 pm on Feb 11, 2003 (gmt 0)

thanks everybody