Originally Posted by r0llinlacs
Funny. Where is the crusade of M$ defenders now? Oh wait, the tinfoil hat-wearing 7 lovers were right.
First of all, 602 connection attempts were to 192.168.1.255, using UDP port 137. That's the broadcast address where Windows computers on a local network announce their presence and look for other network computers using the NetBIOS Name Service. It's perfectly normal traffic.
Another 630 of those connection attempts were Domain Name System lookups to the router itself, 192.168.1.1, using UDP port 53. That address is the router itself.
Just as a heads up even the author of the er study has gone back on what he said
, also he installed an eval version which further hampers his "results"
Rather than one of these FUD articles once in a while with lines like "insecure" and "syping" I would love to see one broken down into what is actually being sent, over both the HTTP and HTTPS, as well as a full pcap available after the fact for other users to validate their results .... deadpool isnt till 6 Saturday i may have a bash