Computer Sleuthing!

So cook some popcorn and pull up a chair, and I’ll tell you about how I discovered a roommate’s obsession with downloading PORN!

Beware, this post contains massive quantities of computer sleuthing/nerdiness and might be boring to your average reader…

I have the worst wireless router in the world. A Linksys WRT55AG. Basically if it’s subjected to heavy loads, it completely dies. So if you decide to download any sort of bandwidth intensive file for more than 10 minutes, you can guarantee the router will soon die. The only way to revive it is to completely reset it by unplugging it, waiting a few seconds and plugging it back in. Then you’re good for another 10 minutes or so.

Anyway, this hasn’t happened in quite awhile (since I haven’t been downloading music, CDs, DVDs or games). Fast forward to now. We have a relatively new roommate and since he moved in about a month ago, the internet has died. CONSTANTLY. It’s been particularly frustrating when I have research and stuff to do. Evidentially the new roommate has also picked up on how to reset our router too, and whenever the internet mysteriously dies, he himself heads downstairs to reset the router.

So finally, after it dying on multiple occasions tonight, I got quite frustrated and decided to track down what the hell this new cause of router dying is. I suspect that it’s the roommate that’s responsible, but I had no way to tell and wanted to find out some more before I decided to talk to him about it. After noticing the router was being completely unresponsive, I pulled out my laptop and physically hooked it into the router (which sometimes works when the wireless connection dies. It’s weird).

I remember the roommate telling me that he uses a Powerbook… so after thinking about it, that lead me to believe that the only program on Mac that is capable of constantly downloading large amounts of data was Acquisition (which I first heard of from from some friends who have a Mac and I was asking them awhile ago about what they would use to download songs and things). So I did some searching on the internet and found out that Acquisition basically needs ports 6000-7000 open on a router/firewall in order to function properly. Interesting, I’ll file that away for future reference. If I couldn’t find anything else or any other fix, I’ll try blocking those ports and seeing if that is the problem.

Anyway, I wanted to see if there was a way I could check stuff via the router in regards to ports used, bandwidth used, connection times… or anything like that. After searching through the router’s horrible interface, I finally found something entitled “Logging Options”. It was disabled, so I enabled it. Then I reset the router, came back to my computer and started hitting up some websites.

Loaded up the router screen, brought up the logging option and checked the access logs. Sure enough, it listed the ip of my computer and the ips of websites I was connectiong to, AS WELL AS port numbers! beautiful. It also listed incoming connections too and their port numbers! (i.e. when you download a file).

So I waited a few moments and refreshed the log. Sure enough, there were a ton of new fresh entries. Interestingly enough, there were a TON of incoming connections from all sorts of random IP addresses on the internet (and these IP addresses corresponded with personal computers, not websites), which means someone was using a file sharing program. And now the kicker. All the incoming ports were 6338, 6334, 6332, etc. INTERESTING.

Finally, I ran an whois lookup on a random website that this computer that was downloading all the stuff connected to… it came back “Apple Computer, Inc.” DING! Busted. Using Acquisition!

It’s kind of funny, I can potentially render Acquisition useless by disabling these ports and he’ll never know why it suddenly stopped working! At least our damn internet connection will work….

Anyway, I have a hunch he has been download porn and have no way to prove it. (I mean seriously, what can you be constantly downloading that requires all that bandwidth? A friend says his roommate in the dorms at school got their connection cut for 3 weeks because he downloaded 8GB of porn in 1 day!!) Anyway, I remember he came downstairs to reset the router one day, wearing nothing but his boxers. He was like “Oh… I’m about to go to bed and err.. take a nap.” Fair enough, but he sure was somewhat nervous about it. Of course why do you need to reset the router if you’re going to take a nap! (Sure, there are valid reasons…)

So he was upstairs in his room earlier this evening, and I decided to try one more little test. Out of the random log of jibberish being returned, I selected an IP address with port 80 (HTML website) and did a “whois” search on it:
http://www.whois.sc/64.246.168.94

Whatever, no big deal. But you can do a reverse lookup if you’re a member of that whois website to see what websites are stored at that IP location. So I decided to be slightly nosey. This is absolutely hilarious:

“14 domains found on 64.246.168.94
Showing all 14.

Website
www. Blackbroswhiteh*** .com
11 more domains found…”

Haha. So our internet is constantly dying so someone can download mass quantities of porn! I don’t condone or condemn it. Hey, you can do whatever you want, but when it’s bringing down the internet connection for our whole house and interfering with how everyone else uses it, then come on man! Wait until everyone’s asleep at least… 😉

I really should just block the thing. Of course he’s moving out in a few days, so it ultimately doesn’t matter. Hah, crazy though!

CategoriesUncategorized