Stavo facendo una scansione di rete sul mio computer con Wireshark e ho trovato qualcosa di molto sospetto: ho trovato uno stream con il protocollo jabber. Non ho un server jabber configurato né ho alcun client di messaggistica che sto usando. La cosa strana è che sta dicendo che è da e verso il dominio del mio sito web, il che non ha senso.
Non sfoglio dal mio server e non ho idea di dove provenga il traffico. Non ospita il mio sito web sul mio computer. L'unica parola che potrei capire è talk.google.com. Che io indovino significa che è il cliente che viene utilizzato. Sto diventando un po 'nervoso per quello che sta succedendo qui.
Ecco lo stream:
<stream:stream to="mywebsitesdomain.com" xml:lang="en" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client">
<stream:stream from="mywebsitesdomain.com" id="62B02549D12F9CC2" version="1.0" xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client"><stream:features><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"><required/></starttls><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>X-OAUTH2</mechanism><mechanism>X-GOOGLE-TOKEN</mechanism></mechanisms></stream:features><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/><proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>...........R......./.w.m..'p3WWJ....Qj..:.. R......T=..9V.
N~#.7'.......V....(.
...9.k.5.=.....#.....'.3.g.2...../.<.
...R.........talk.google.com......
.................#............
........................ ...M..R....f..f.H".$.I....K.......h4.. R...1.@,.6iJ..#.}X.2...0.n.....=...................
0...0..o......
+........z0
..*.H..
.....0F1.0...U....US1.0...U.
.
Google Inc1"0 ..U....Google Internet Authority0..
130502080651Z.
131231155850Z0i1.0...U....US1.0...U...
California1.0...U...
Mountain View1.0...U.
.
Google Inc1.0...U....talk.google.com0.."0
..*.H..
..........0..
......[...C.xlM.Z....x.i....VM....3A_.T......X..........0...hl..*.b..=....yK......HI.%7.<.."yj...D...7....jL.^...e..x...h~.lY..6...n...5..L.8".c>.JK.AR~.D...=..Y..).'.PG.$.....T.,...1.
.....2../6V.:...(E]...w.\...X8g..
.uTbK....[.....q...d'.kw[|o-..O'.4..............R0..N0...U.%..0...+.........+.......0...U......flA{T......
.(JM....0...U.#..0.....0..C.>g.....j..k.$0[..U...T0R0P.N.L.Jhttp://www.gstatic.com/GoogleInternetAuthority/GoogleInternetAuthority.crl0f..+........Z0X0V..+.....0..Jhttp://www.gstatic.com/GoogleInternetAuthority/GoogleInternetAuthority.crt0...U.......0.0...U....0...talk.google.com0
..*.H..
[email protected].[)...\T..o..e......Y+S...;T.s~..-...~I.6*.D|....V._.....b;......$.Q=........2....~..K..^...]...Kb...B
..H.B.Xo....0...0...........w.0
..*.H..
.....0N1.0...U....US1.0...U.
..Equifax1-0+..U...$Equifax Secure Certificate Authority0..
121212155850Z.
131231155850Z0F1.0...U....US1.0...U.
.
Google Inc1"0 ..U....Google Internet Authority0..0
..*.H..
.........0............W..>@}....qcS..yt..D.3 ..{.(...lI~._4YN
z0....WE....s&..2.....;....6.oQD... Rs.&.5j....Y.+.g.9....l..%..3.G...Py..i.....Wo........0..0...U.#..0...H.h.+....G.# .O3....0...U........0..C.>g.....j..k.$0...U.......0.......0...U...........0:..U...3010/.-.+.)http://crl.geotrust.com/crls/secureca.crl0
..*.H..
............y.F."l.1.eC'.1P..(...f.\.5.}..NY7...&..g8Z...&2.*..xP{..~..H...>.:~.'...k...*.P.w3).@.......[.4?%..LHva......P_..d_G.......~.......................H.;...*0"...f.U.... .L....R~i...R.Y../_..:.Kt_...a.....A[C.~
....a..E j......... ?.ZQ.'g.....T.v........4wd2Iv...^.......d).......qr' ....or{.d...I........Or.@d$
.j.I.i..][email protected].....;..g-.n.^...........$.qb...Rbo.x..'
.'.... ...zf..nb.ID............$..X..|..w.U...B.$&...'
I.V...7Cgs.l-.......
w.l.aS=...p.....h
.)[email protected].].4....p....T3....0o.P....
.$]....9.........z>eXP..X.G._A..'.=t.l..q..Hqr.=.A...V.y.......g....T....~.....SA..26...VB...0.:.....*..1zpiwf.Ke'...^. .5]....OC{..p ..D)k~%b'...$.....Q....U.'....g~.V>..S=...^;x..:A.C....y....C.
.f..vrM.GC'.ded?E..b.;w7....B............$...8........(...D..}.-_a..\....v:.m..&........Q..o.[.#..I.o.&..f.t.%.....!.pEoKI...q.V.......u.o\M....c.....SIr....nY.-]..8.....MH
os'...a.;.;...U..>./FV...lQV...#d..........ux?..........b.....kIh%eX.c.jn,.&.......{[email protected].......(Ky
..
...E....4j...(..)IK....| }.'....[.p8z....E....1.c...I........7.......^...n....='.........n..?.........._.}...FO.TyJ.b.}k-......HA..,....
<'.PR..C.gZ......X4Lr2}.;........1..k%Bz{u~..<...[.Fw.....Q.D..g2d.n........../.).....Z.$...k?F.M. .[K........._!.b;.Y..q_u..\w...._{O.W.zQ..A.PG..9)..V.....g.Bn...o.L..O..TO.1].3S.a5...i'w..G'....*.....
.....4.....a#t..7..$.......$..q.F..F...cD.......q_U.....q.E.>...
z.Jv...$....:...X..m.h{....V....V
a..d..........$Qo....AP.=.........m..%......L.p..M..........8n...-..[..A.N..<.