Security Issue? Anyone know anything about APS Telecom?

  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23473
  • Loc: Woodbridge VA

Post 3+ Months Ago

Some specs first:
Win2k OS
Siemens SpeedStream router with ZoneAlarm firewall
Symantec Corp Edition Virus protection
Adaware (ran frequently)
Comcast internet connection

Here's my original problem for reference:

The lag time in displaying pages on my home computer has been driving me nuts. I think it was yesterday I nixed a couple Adware/Spyware stuff via Adaware. Tonight, when I ran it I had only 10 tracking cookies from sites I visited today...nothing malicious.

Earlier, I was having the darndest time getting pages to load, not just at OZZU, but virtually anywhere I was trying to surf. At some point I got fed up and ran Netstat several times and identified APS Telecom had multiple time-wait active connections to multiple ports (almost in sequence -- below is a sample):


Active Connections

Proto Local Address Foreign Address State
TCP master:1424 TIME_WAIT
TCP master:1478 TIME_WAIT
TCP master:1481 TIME_WAIT
TCP master:1482 TIME_WAIT
TCP master:1483 TIME_WAIT
TCP master:1484 TIME_WAIT
TCP master:1485 TIME_WAIT
TCP master:1486 TIME_WAIT
TCP master:1487 TIME_WAIT
TCP master:1488 TIME_WAIT
TCP master:1489 TIME_WAIT
TCP master:1490 TIME_WAIT
TCP master:1491 TIME_WAIT
TCP master:1493 TIME_WAIT
TCP master:1494 TIME_WAIT
TCP master:1496 TIME_WAIT
TCP master:1502 TIME_WAIT
TCP master:1504 TIME_WAIT
TCP master:1506 LAST_ACK
TCP master:1509 TIME_WAIT

C:\Documents and Settings\Administrator>tracert

Tracing route to over a maximum of 30 hops

1 * * * Request timed out.
2 15 ms 16 ms 16 ms
3 15 ms 16 ms <10 ms
4 15 ms 16 ms <10 ms
5 16 ms 16 ms 15 ms
6 16 ms 15 ms 31 ms
7 32 ms 15 ms 31 ms []
8 31 ms 16 ms 31 ms []
9 31 ms 16 ms 31 ms []
10 47 ms 16 ms 31 ms []
11 16 ms 31 ms 16 ms []
12 31 ms 16 ms 47 ms [
13 31 ms 47 ms 32 ms [
14 47 ms 47 ms 47 ms [
15 47 ms 47 ms 31 ms [
16 63 ms 62 ms 63 ms [
17 94 ms 109 ms 94 ms [
18 93 ms 94 ms 109 ms [
19 94 ms 94 ms 109 ms [
20 94 ms 109 ms 94 ms [38.1
21 * * * Request timed out.
22 * * * Request timed out.
23 * * 109 ms

Trace complete.

C:\Documents and Settings\Administrator>netstat

Active Connections

Proto Local Address Foreign Address State
TCP master:1752 TIME_WAIT
TCP master:1753 TIME_WAIT
TCP master:1760 TIME_WAIT
TCP master:1761 TIME_WAIT
TCP master:1762 TIME_WAIT
TCP master:1768 TIME_WAIT
TCP master:1769 TIME_WAIT
TCP master:1773 TIME_WAIT
TCP master:1775 TIME_WAIT
TCP master:1780 TIME_WAIT
TCP master:1783 TIME_WAIT
TCP master:1786 TIME_WAIT
TCP master:1790 TIME_WAIT
TCP master:1791 TIME_WAIT
TCP master:1792 TIME_WAIT
TCP master:1797 TIME_WAIT and are both owned by APS Telecom. Google didn't provide much info. I ran tracert and NeoTrace and did a few whois searches and narrowed the abuse email to is a private hosting service out of San Jose, CA, although APS Telecom appears to be from 1802 N Carson Street, Carson City, NV according to's whois search and NeoTrace results.

The second IP address appears to be owned by APS as a sub- IP range within Abovenet Communication's range.

I can't think of a reason for the life of me why a couple hosting services out of California/Nevada would have an IP that would have that many port scans going on on my computer? Any ideas? It was at those times tonight when the port scans were taking place that my internet connectivity was for crap.
  • grinch2171
  • Moderator
  • Genius
  • User avatar
  • Posts: 6819
  • Loc: Martinsburg, WV

Post 3+ Months Ago

Spammer's maybe???? I wouldn't know of any other reason why you would be getting probed like that. You could bounce the Ip's off PeerGuardians list of naughty IP's? Not really sure how to do that though but it is a suggestion.
  • ModernDestroyer
  • Professor
  • Professor
  • User avatar
  • Posts: 794
  • Loc: California

Post 3+ Months Ago

Report it to the abuse email you got and give them the info and they will track them the rest of the way :twisted:
  • ThATKiD
  • Proficient
  • Proficient
  • User avatar
  • Posts: 321
  • Loc: somewere over there

Post 3+ Months Ago

wow that is strange i ran a neotrace and got the same thing. you don't have weird apps running in the back? no processes?
  • danahert
  • Born
  • Born
  • danahert
  • Posts: 1

Post 3+ Months Ago

Had IP address Browser hijack in a PC shipped to me from Hawaii. Guess who? APS TELECOM in Nevada.

Post Information

  • Total Posts in this topic: 5 posts
  • Users browsing this forum: No registered users and 29 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum

© 1998-2016. Ozzu® is a registered trademark of Unmelted, LLC.