This morning I was logged into several websites and now maybe 4-5 hours later I'm not.
Other than cleaning it...I had a notice from my firewall that a site wanted to send "a UDP datagram to dist services" ...at "something or other \rccs"....I usually don't allow this...but I went ahead and allowed it...which is probably what reset the logins????
So is this a legit thing?
Why would this happen?
What is the purpose?
Why would a server want or need to reset the logins?
----------------------------------------------------
Somebody in Quebec is after me....
It tried again...this time denied....
Notice from my firewalll:
Someone from 63.243.156.234, port 26043 wants to send UDP datagram to port 1026 owned by 'Distributed COM Services' on your computer
c:\windows\system\rpcss.exe
whosis on 63.243.156.234....
63.243.156.234 = [ ]
OrgName: Teleglobe Inc.
OrgID: GLBE
Address: 1441 Carrie-Derick
City: Montreal
StateProv: QC
PostalCode: H3C-4S9
Country: CA
NetRange: 63.243.128.0 - 63.243.255.255
CIDR: 63.243.128.0/17
NetName: TELEGLOBE-3BLK
NetHandle: NET-63-243-128-0-1
Parent: NET-63-0-0-0-0
NetType: Direct Allocation
NameServer: CASTOR.TELEGLOBE.NET
NameServer: POLLUX.TELEGLOBE.NET
Info on RPCSS.EXE....
<a href='http://www.cexx.org/rpcss.htm' target='_blank'>http://www.cexx.org/rpcss.htm</a>
The RPCSS program ... is the Microsoft Remote Procedure Call Service.
It facilitates the development and debugging of distributed applications, apps that are resident on machines other than the local one.
****While I’m unaware of any current exploits the software is designed to make it easier for “nonresident,â€Â
