Why is Skype 188.8.131.52 on WinXP trying to access "Skype Extras Manager" (184.108.40.206)? Should we ALLOW or DENY these requests from the new Skype? Why or why not?
My ZoneAlarm personal firewall software went bonkers when I installed the new Skype 3.x software on Windows XP this week. Basically, I received all the "usual" warnings about Skype wanting to access the trusted zone, the Internet, etc.
But with Skype 3.0, there is a NEW warning: Skype Extras Manager is trying to access the Internet Application: skypePM.exe Destination IP: 220.127.116.11
Should we ALLOW or DENY this Skype 3.0 request? What are the ramifications of each decision?
on 29 Dec 2006, something possessed Robin Colleen Moore to write:
I'm not familiar with Skype, but if it popped up when you installed it from a reliable source, than perhaps this is just an Extras Manager that mentions whatever plugins or addons are available for download, which would require it to connect to a server. Perhaps someone else with Skype could shed more light on this.
You have decided to intstall/run Skype - which means you have decided to trust the Skype program. Then why don't you just let it do what it's designed to do instead of worrying about ZA alarms? If you don't trust Skype, use something else.
BTW, 18.104.22.168 seems to be a public ntp (time) server.
Yes. That's the problem with personal firewalls like ZA.
You should know. You installed ZA to present you with such kind of worries.
This is where 22.214.171.124 points to, which is NIST.
You can use Arin Whois and find that out be entering the IP in the search box.
That's for you to make that determination if it's legit or not. It's on you to make contact with Skype or NIST and find out what is happening. It's on you and no one else. It's your machine and no one else's machine.
On the other hand, you can uninstall skypePM.exe if you don't want it running, according to this.
Is it possible to turn off/disable the 'do more' option and not have the skypepm process running?
Yes, just delete it,( Progam Files\\Skype\\Pluin Manager folder and run the uninstall.exe) and next time you download, (save run screen) go to options and untick that feature)
I suggest you get on the phone and talk to Skype or contact them by email. It's on you as to what you're going to do. The buck stops with you.
Without being too direct, I would say your attitude needs a serious adjustment in my very humble opinion.
You TRUST every program you install? That's incredulous.
Do you know what RealPlayer is doing behind your back? Do you realize that Adobe Acrobat phones home constantly? Do you suspect that almost every program you install has the potential to report back to the maker your day-to-day actions?
You're obviosly not a security expert if you trust every program you choose to install to do what IT thinks is the right thing to do.
I'll lay dollars to a donut that program will beat ZA to the punch, get out to the Internet and make contact. It will happen when you boot the machine and logon, because ZA is not an integrated part of the XP O/S. If ZA was an integrated part of the O/S and it's not, then the O/S would not allow any TCP/IP connections by programs, until such time the O/S started ZA, which it can't do as the O/S does not have any dependencies waiting on ZA.
What you should be doing is either removing the program off of the machine by deleting it or if the file system the O/S is using is NTFS, then you go to the O/S and set the program's permissions to not (execute) - not run period.
Not only that, you got people running around in the NG needing to nit pick. Apparently, this person doesn't seem to know that a program and the machine have to be put into a position to be attacked.
One place I am currently working, they are still running a version of IE 6 that's three years old and I don't know that last time it was updated. I don't even know when the last time XP Pro on the machines has been updated with security fixes, although they do take care of those servers. The XP Pro machines and IE itself are NOT being attacked due to this, because IT has a big old proxy setting there blocking user access to damn near everything on the Internet, even though most of its end-user base jobs are to be on the Internet, dealing with out side clients, with the solution. Its end-user base is educated on the use of computers in a work environment and everything is locked down. Those users go where IT wants them to go and nowhere else.
I'll give you a little hint on this too, I am running a version of XP Pro on this laptop that's not a legal copy and has NOT received a critical update and in ages. It's not being attacked because it has not received the updates, because the machine is NOT put into a position to be attacked.
Again, the program and the machine have to be put into a position to be attacked. If neither one of them are in that position, then your point here is moot.