Page 1 of 3 123 LastLast
Results 1 to 10 of 28

Thread: Google Hi-Jacking Computers?

  1. #1
    Join Date
    Jan 2012
    Beans
    13

    Exclamation Google Hi-Jacking Computers?

    Hello everyone.

    I have a concern that I would like to run past the forum.

    I am a fairly new user to Ubuntu and I am currently running 10.04 LTS (Lucid Lynx) and I have Firestarter installed.

    I notice that sometimes when I open the Firestarter GUI and select STATUS>ACTIVE CONNECTIONS I see where there is a connection to my computer, sometimes even when Firefox hasn't even been launched. It shows a numerical i.p address. When I then right click LOOKUP HOSTNAMES, instead of getting a domain name, it gives me something like Yx-in-f95.1e100.net as connecting on port 80 and more from Google on HTTPS port 443.

    I then try to block connections for the numerical 1.p. address under the Outbound Traffic Policy, but each time I block one, another one pops up a few seconds later in it's place. I searched about a dozen of the numerical i.p. addresses under ARIN Whois and they all point directly to Google.

    What is bizarre is that this occasionally occurs when the browser isn't even open, but when I launch Firefox and it opens to my home page, (which is an European-based, rugby team website that has NOTHING to do with Google as far as I know of anyway) the Firestarter "Active connections list grows to sometimes about 4 or 5 connections, one being the home page website and the rest to Google. Each numerical i.p. address from Google's domain always switches to something like the Yx-in-f95.1e100.net. NEVER does it say Google.com.

    In light of the recent issues with Google's privacy abuse investigation, I am wondering if this is something anyone else is experiencing, and if this is something I should be concerned about. I assume that Google is tracking my online activity with this, but how is it occurring and how do I stop it. I do not want to provide Google jack on my personal surfing habits. Even when I go to Ubuntuforums.org, after a page loads, all I have are about 5 or 6 active connections to i.p. addresses registered to Google. WTF? Even when I leave the sign in page to Ubuntu forums up and the Canonical connection drops from inactivity, Google's connections stay on A LOT longer.

    Any help would be greatly appreciated. I apologize if this is posted in the wrong area of the forum, but would really like some help, and I didn't know exactly where to put this post. Also, if anyone knows of a reputable program I can get from the repository or elsewhere that will do a scan on my Ubuntu computer for viruses and malware I would appreciate a pount in the right direction.

    And before anyone goes there, I KNOW Linux-based systems are hard to infect and take control of, but it is NOT impossible and the threats are growing against our beloved Ubuntu every day.

    Thanks all,

    Jax

  2. #2
    Join Date
    Jul 2006
    Location
    Here
    Beans
    10,543

    Re: Google Hi-Jacking Computers?

    google services on the Web site? like adsense or that counter thing.
    could it be dns caching?
    pipelining?
    your ISP could be using google vm's to improve service?

    any which way i'm sure google is not out to get you, unless your doing something your not suppose to.

  3. #3
    Join Date
    Jan 2012
    Beans
    13

    Re: Google Hi-Jacking Computers?

    Thanks for the reply.

    No, I am not doing ANYTHING illegal, on line or otherwise. Far too old for the accompanying consequences.

    I have no idea why or how it's happening. I can tell you this much further, that it doesn't matter which site I visit on the web, even something like CNN, I get an active connection to an i.p. belonging to Google.

    Well, I should say, every site I have tried, EXCEPT for the U.S. Department of Justice.

    Just find it interesting in light of the recent news about Google ramping up their data mining operations and not giving people an option to "opt out".

    Doesn't this ring a bell for anyone else? I guess I will have to file a complaint with www.ic3.gov and let them investigate this. After all, it is what I pay my taxes for.

    Thanks again,

    Jax

  4. #4
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: Google Hi-Jacking Computers?

    1) Don't use firestarter
    2) See what process the connection belongs to with:

    Code:
    sudo netstat -nlp
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  5. #5
    Join Date
    Jun 2011
    Location
    Atlanta Georgia
    Beans
    1,769
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Google Hi-Jacking Computers?

    Do the websites you're visiting happen to have a google +1 button on them?

    Because that will load from google's API hence the connection

    So will google analytics, which is used on pretty much everything.
    Last edited by Dangertux; January 27th, 2012 at 12:21 AM.

  6. #6
    Join Date
    Jan 2012
    Beans
    13

    Re: Google Hi-Jacking Computers?

    Quote Originally Posted by CharlesA View Post
    1) Don't use firestarter
    2) See what process the connection belongs to with:

    Code:
    sudo netstat -nlp
    Charles: Thanks for the reply. I ran the sudo command on the home page, and found nothing associated with the connection as far as I can tell. I am still somewhat of a noob, but I do sudo properly and I hope this doesn't sound stupid, but I see nothing in the results that directs me to Google or the specific i.p. address. Is there something else I should be looking for?

    Sorry.... I see where you didn't ask for this. LOL!

    Jax

  7. #7
    Join Date
    Jan 2012
    Beans
    13

    Re: Google Hi-Jacking Computers?

    Quote Originally Posted by CharlesA View Post
    1) Don't use firestarter
    2) See what process the connection belongs to with:

    Code:
    sudo netstat -nlp
    By the way, can you tell me why I shouldn't use Firestarter? can you recommend something else? I like it because I can kill alot of connections by adding them to my outgoing traffic policy and it speeds up my page loading BIG TIME. It just seems that Google owns MILLIONS of i.p. addresses and each time I block one, another one pops up from them and I simply do not see how to block a range of i.p. addresses.

    Thanks again for your help.

    Jax

  8. #8
    Join Date
    Jan 2012
    Beans
    13

    Re: Google Hi-Jacking Computers?

    Quote Originally Posted by Dangertux View Post
    Do the websites you're visiting happen to have a google +1 button on them?

    Because that will load from google's API hence the connection

    So will google analytics, which is used on pretty much everything.
    No google+1 or google analytics tab. (I am familiar with what you are talking about on both accounts, also, btw.

    Thanks for the reply,

    Jax

  9. #9
    Join Date
    Jun 2011
    Location
    Atlanta Georgia
    Beans
    1,769
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Google Hi-Jacking Computers?

    I can almost guarantee there are scripts calling the google API on CNN and probably most of the other sites you visit.

  10. #10
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: Google Hi-Jacking Computers?

    Quote Originally Posted by Jackson45acp View Post
    Charles: Thanks for the reply. I ran the sudo command on the home page, and found nothing associated with the connection as far as I can tell. I am still somewhat of a noob, but I do sudo properly and I hope this doesn't sound stupid, but I see nothing in the results that directs me to Google or the specific i.p. address. Is there something else I should be looking for?

    Sorry.... I see where you didn't ask for this. LOL!

    Jax
    Yeah, you just needed sudo to show which process a connection belongs to. If it's not there you should be ok.

    Quote Originally Posted by Jackson45acp View Post
    By the way, can you tell me why I shouldn't use Firestarter? can you recommend something else? I like it because I can kill alot of connections by adding them to my outgoing traffic policy and it speeds up my page loading BIG TIME. It just seems that Google owns MILLIONS of i.p. addresses and each time I block one, another one pops up from them and I simply do not see how to block a range of i.p. addresses.

    Thanks again for your help.

    Jax
    Firestarter is no longer underdevelopment and isn't really meant to be used as a traffic monitor, so to speak, it is meant to be run, have rules enabled and closed.

    One alternative is ufw (which is installed by default), or gufw (GUI version of ufw)

    https://help.ubuntu.com/community/UFW

    Quote Originally Posted by Dangertux View Post
    I can almost guarantee there are scripts calling the google API on CNN and probably most of the other sites you visit.
    Webmasters use it for tracking traffic, if I remember right.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

Page 1 of 3 123 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •