Login

09-12-2003, 06:39 PM

Hmm... I mentioned before that Steam wanted ports 1200, 27001, 27030, 27031 and 27038. However, I decided to let it have full reign but log what it's doing... even without a game running, it's got the following:

Quote:216.144.226.197:27030 Outgoing on TCP port 1477
66.250.220.45.27030 Outgoing on TCP port 1455

Now those are always connected when I'm logged in... but, the following is also true:

Quote:Listening on ALL ip's UDP Port 27001
Listening on ALL ip's UDP Port 1457
Listening on ALL ip's UDP Port 1458
Listening on ALL ip's UDP Port 1459
Listening on ALL ip's UDP Port 1460
Listening on ALL ip's UDP Port 1461
Listening on ALL ip's UDP Port 1462
Listening on ALL ip's UDP Port 1463
Listening on ALL ip's UDP Port 1464
Listening on localhost ip UDP Port 1472

Now, what it needs to listen on ALL those ports for I don't know. But lets leave it to it... So, I click on the Games section, nothing, click on the Ricochet Game and get the "Preparing to launch" window... that just hangs there... but as it does the following occurs with a connection it makes and then closes:

Quote:[font=courier][23:31:36] Rule 'Steam': Permitted: Out UDP, localhost:27001->207.173.178.44:1200, Owner: E:\STEAM\STEAM.EXE
[23:31:39] Rule 'Steam': Permitted: Out UDP, localhost:27001->207.173.178.44:1200, Owner: E:\STEAM\STEAM.EXE
[23:31:43] Rule 'Steam': Permitted: Out UDP, localhost:27001->207.173.178.44:1200, Owner: E:\STEAM\STEAM.EXE
[23:31:47] Rule 'Steam': Permitted: Out UDP, localhost:27001->207.173.178.44:1200, Owner: E:\STEAM\STEAM.EXE
[23:31:47] Rule 'Steam': Permitted: Out TCP, localhost:1603->207.173.177.100:27032, Owner: E:\STEAM\STEAM.EXE
[23:31:48] Rule 'Steam': Permitted: Out TCP, localhost:1604->207.173.177.130:27038, Owner: E:\STEAM\STEAM.EXE

Now that traffic seems to re-itterate itself every minute within the same time indexes, as if it's still trying with the exception of the TCP parts... so, whatever it's trying to connect to, it's STEAM's end... and therefore EVERYONE is likely affected by it.

What is worrying though, is that I didn't cancel the dialog box, it hasn't returned an error, and yet there is nothing more appearing in the firewall logs.

* edit: actually, it did appear in the logs, I just forgot to refresh, which it usually does on it's own, but didn't for some reason... it does keep repeating every minute or so. It looks like the TCP packets only occur during the first try though... as if it doesn't need to OR has been incorrectly coded NOT to...

That I can't tell you, it's not my program :/

09-12-2003, 06:49 PM

Interestingly, I thought I'd see what happens when I logged on and off... sure enough lots of traffic... however, what it also interesting is the following:

Quote:[23:44:36] Rule 'Steam': Permitted: Out UDP, localhost:27001->207.173.178.44:1200, Owner: E:\STEAM\STEAM.EXE
[23:44:39] Rule 'Steam': Permitted: Out UDP, localhost:27001->207.173.178.44:1200, Owner: E:\STEAM\STEAM.EXE
[23:44:43] Rule 'Steam': Permitted: Out UDP, localhost:27001->207.173.178.44:1200, Owner: E:\STEAM\STEAM.EXE
[23:44:47] Rule 'Steam': Permitted: Out UDP, localhost:27001->207.173.178.44:1200, Owner: E:\STEAM\STEAM.EXE
[23:45:31] Rule 'Steam': Permitted: Out TCP, localhost:1617->207.173.177.100:27032, Owner: E:\STEAM\STEAM.EXE
[23:45:31] Rule 'TCP ack packet attack': Blocked: In TCP, 216.144.226.197:27030->localhost:1477, Owner: no owner
[23:45:33] Rule 'TCP ack packet attack': Blocked: In TCP, 216.144.226.197:27030->localhost:1477, Owner: no owner
[23:45:35] Rule 'TCP ack packet attack': Blocked: In TCP, 216.144.226.197:27030->localhost:1477, Owner: no owner
[23:45:45] Rule 'Steam': Permitted: Out TCP, localhost:1618->207.173.177.130:27038, Owner: E:\STEAM\STEAM.EXE
[23:45:49] Rule 'Steam': Permitted: Out TCP, localhost:1619->207.173.177.130:27038, Owner: E:\STEAM\STEAM.EXE
[23:45:50] Rule 'Steam': Permitted: Out TCP, localhost:1620->207.173.177.130:27038, Owner: E:\STEAM\STEAM.EXE
[23:45:51] Rule 'TCP ack packet attack': Blocked: In TCP, 216.144.226.197:27030->localhost:1477, Owner: no owner
[23:46:02] Rule 'Steam': Permitted: Out TCP, localhost:1621->207.173.177.130:27038, Owner: E:\STEAM\STEAM.EXE

Makes me wonder if some badly formed packets are being sent out and causing the firewall to drop them because they could be hack attacks... naughty naughty...

09-12-2003, 07:04 PM

Ok, now I'm monitoring the actually number of bytes being transfered... and whilst at the Preparing to play Ricochet window, I can see that STEAM.EXE has two threads (one to 216.228.115.67:27030 and 203.17.15.134:27030).

The first thread averages at the moment 14.43 received kB/s with a transmit of just 15.34 and a receive of 1387362 so far. The average sometimes drops right down to 5 or below.

The second thread often ends up with a transmit speed of like 0. currently as the top thread has now reached 2522300, the bottom is at 1543623 and hasn't moved for quite a number of seconds.

This makes you wonder where there is NO progress updates on the window, or any sort of indication how long you have to go....

09-12-2003, 07:07 PM

Out of interested, since the updates seem to be streaming down my line now... the ACK attacks have stopped... makes you wonder some more whether there is sommat dodgy in their coding... this is valve after all, and we know what we've had to do to ricochet cause they were only half hearted about it...

09-12-2003, 07:47 PM

Currently at:
216.228.155.67:27030 Bytes Received: 2228496, Average: 3.54

Oh, and STEAM is still only telling me that it's Preparing to launch Ricochet!

Gwarsbane · 09-12-2003, 08:15 PM

that just sucks

jabbahunt · 09-12-2003, 08:22 PM

Makes you wonder if WON sent in an infiltrator.

PuNkGirL · 09-12-2003, 08:25 PM

lol Won comes from valve too, i'm sure all the Won ppl are sacked by now...

09-12-2003, 09:07 PM

well, that's why I posted that other thread... maybe we can get them back in as the better technology:)

[CAKE]anonymity · 09-13-2003, 11:23 AM

2 words "new coke"

09-13-2003, 12:31 PM

that must mean sommat to you then ;-)

Gwarsbane · 09-13-2003, 01:45 PM

LOL ya thats what I was thinking too.

For those not old enough to remember, a whole bunch of years ago, coke thought they were smart and changed the coke formula (how it tasted).

It was a very stupid move, from what I remember sales of coke were going down something like 40 percent in the first month. Not too many people actually liked the new taste

So they quickly brought out "Classic Coke" which was coke with the old formula and it was out selling the new coke 3 to 1 (and that started to rise to 4 to 1 then 5 to 1) so they did away with "New Coke"

09-13-2003, 04:43 PM

Maybe we should send my thing to steam

[CAKE]anonymity · 09-13-2003, 09:04 PM

FYI, im not actually old enough to remeber new coke, i just remeber the story of it. Supposedly its one of the biggest corprate mistakes ever, but steam is catching up fast.

09-14-2003, 07:57 AM

the only difference being that only internet gaming players are involved, and I think there's far more coke drinkers that game players.. that said, I wonder how many of the STEAM downloaders are Coke drinkers...

Might give you a clue about history repeating itself:)

[CAKE]anonymity · 09-14-2003, 07:25 PM

well, you've got GRITS, who is the biggest coke fan ever, and someones wife has a lot of coke merchandise as well, i think it was frito, but im not sure.

09-15-2003, 03:29 AM

True. Though how COKE / GRITS fits into my firewall I'm not sure ;-)

Login
Username:
Password:	Lost Password?
	Remember me