Peer To Peer Guardian/CIA trying to connect

For those that have Peer to Peer guardian, I have a question. Normally, my program shows a list of IP addresses trying to connect to my computer and rejects them. But get this....today I had a special IP address trying to connect to my computer. It was the CIA's IP ADDRESS! Has this happened to any of you? This is what my peer to peer guardian said:

Connection Rejected: 198.81.129.100 - CIA (01-24-2005 @ 00:06:04)
Connection Rejected: 198.81.129.100 - CIA (01-24-2005 @ 00:08:04)
Connection Rejected: 198.81.129.100 - CIA (01-24-2005 @ 00:09:47)
Connection Rejected: 198.81.129.100 - CIA (01-24-2005 @ 00:10:39)
Connection Rejected: 198.81.129.100 - CIA (01-24-2005 @ 01:35:19)
Connection Rejected: 198.81.129.100 - CIA (01-24-2005 @ 02:09:18)

It looks like they tried to connect to me repeatedly or what if they have a program installed on my computer, trying to send information back to them? But then thats just getting into conspiracy theories.

Anyone who is knowledgable on this matter, I would like some feedback.

I think I would be concerned too, not that I have anything to hide. I don’t know much about the technical stuff but I will share my thought. If the CIA was doing something illegal I’m sure they would not do it through an IP address that is labeled with their name. Just my thought on this….I really don’t know…

That's strange, but I doubt they'd be investigating you using their public webserver host.

well I havent been doing anything illegal, but its just scary these days to even have the cops come to your house asking for something. Authority is just intimidating to me I guess. You would think if the CIA wanted something, they can just come to your house and get it lol.

Originally posted by djohnsto77
That's strange, but I doubt they'd be investigating you using their public webserver host.

So thats their public webserver host address?

Maybe their host address sends out broadcast address pings to everything? I used to take networking but I forgot what the exact term is hehe.

$ nslookup 198.81.129.100
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server: 10.0.1.1
Address: 10.0.1.1#53

Non-authoritative answer:
100.129.81.198.in-addr.arpa name = www.odci.gov.
100.129.81.198.in-addr.arpa name = www.centralintelligenceagency.info.
100.129.81.198.in-addr.arpa name = www.centralintelligenceagency.kids.us.
100.129.81.198.in-addr.arpa name = www.central-intelligence-agency.info.
100.129.81.198.in-addr.arpa name = odci.odci.gov.
100.129.81.198.in-addr.arpa name = cia.cia.gov.
100.129.81.198.in-addr.arpa name = www.cia.kids.us.
100.129.81.198.in-addr.arpa name = www.cia.intelligence.museum.

Try it in your browser.

IP address isn't in use.. Ping times out (any decent server doesn't reply to pings for security reasons anyway), nslookup can't resolve the address, trace route comes up null & void...

It was probably a bored office worker at a CIA building playing around being a bit of a script kiddy. I somehow highly doubt any serious CIA probes would be noticeable unless you REALLY knew what to look for.

It was the CIA, just not the Central Intelligence Agency. The Culinary Institute of America is trying to hack your system!
The real CIA will usher in the NWO with its one world cuisine!

I did a whois search and found that it IS either the CIA...or a company called ANS Communications...who happens to be an ISP in Australia, actually from the record, it looks like ANS owns the IP, but the CIA uses it...anyone more familiar than me with stuff like this?? I just dabble in it

198.81.129.100
Record Type: IP Address

ANS Communications, Inc BLK198-15-ANS (NET-198-80-0-0-1)
198.80.0.0 - 198.81.255.255
Central Intelligence Agency OIT-BLK1 (NET-198-81-128-0-1)
198.81.128.0 - 198.81.191.255

I have peer gardian and I have not see anything like that yet, so I wonder what is happening.

Perhaps NWO, at least we know peer guardian works.

I just activated the 'live warnings' in PeerGuardian and I noticed that everytime I open this thread I get this message:

Connection Rejected: 137.241.248.110 - 75 ABW AFB US, Air Force Logistics Command TX US A (01-24-2005 @ 23:27:13)

[Edit] I just realized that some members' avatar could be the culprit in this case, and it turned out that just_a_pilots avatar was the cause.

KyateLaBoca, are you sure you didn't just visit the CIA site?
When I visit their site i get this:

Connection Rejected: 198.81.129.100 - CIA AP2P (01-24-2005 @ 23:59:29)
[/edit]

[edit on 24-1-2005 by Symer]

....Ever since I installed Norton Intruder alert , you wouldn't believe how many alerts i get about backdoor trojans attempts and sniffers at the gate, usually the route information is faked to obscure the source (sometimes i get a real adress and notify their provider to piss them off) , but for me I don't see a pattern yet, agencies like the CIA have to compete with a lot of pranksters and scriptkiddies wanting to sell their zombie botnets to spammers.


[edit on 24-1-2005 by Countermeasures]

[KyateLaBoca, are you sure you didn't just visit the CIA site?]


yea I'm positive...It just happened to me.

Maybe somebody can call the phone number below & ask for info.

198.81.129.100 = [ www.centralintelligenceagency.kids.us ]

OrgName: ANS Communications Inc
OrgID: ANS
Address: 22001 Loudoun County Parkway
City: Ashburn
StateProv: VA
PostalCode: 20147
Country: US
NetRange: 198.80.0.0 - 198.81.255.255
CIDR: 198.80.0.0/15
NetName: BLK198-15-ANS
NetHandle: NET-198-80-0-0-1
Parent: NET-198-0-0-0-0
NetType: Direct Allocation
NameServer: AUTH51.NS.UU.NET
NameServer: AUTH101.NS.UU.NET
Comment:
RegDate: 1993-03-26
Updated: 2002-10-10
TechHandle: AH-ORG-ARIN
TechName: UUNET Technologies Inc.
TechPhone: 1-800-456-6300
TechEmail: [email protected]

OrgAbuseHandle: ABUSE3-ARIN
OrgAbuseName: abuse
OrgAbusePhone: 1-800-900-0241
OrgAbuseEmail: [email protected]

OrgNOCHandle: OA12-ARIN
OrgNOCName: UUnet Technologies Inc. Technologies
OrgNOCPhone: 1-800-900-0241
OrgNOCEmail: [email protected]

OrgTechHandle: SWIPP-ARIN
OrgTechName: swipper
OrgTechPhone: 1-800-900-0241
OrgTechEmail: [email protected]

OrgName: Central Intelligence Agency
OrgID: CIA-1
Address: OIT/ESG/DSED
City: Washington
StateProv: DC
PostalCode: 20505
Country: US
NetRange: 198.81.128.0 - 198.81.191.255
CIDR: 198.81.128.0/18
NetName: OIT-BLK1
NetHandle: NET-198-81-128-0-1
Parent: NET-198-80-0-0-1
NetType: Reassigned
Comment:
RegDate: 1997-02-11
Updated: 1998-03-30
TechHandle: ANM3-ORG-ARIN
TechName: Central Intelligence Agency
TechPhone: 1-703-874-5401
TechEmail: [email protected]

i know this thread is old but yeah i just had the same problem just a few days ago. like i think they were trying to hack me just because i use p2p programs such as torrents but there going from one IP and i tracked it and it was actually coming from there CIA.gov website which seemed strange cause i would think if they were smart about trying to hack me. they would be smart and hide there ip and outsource there ip and do all them cool little tricks. but i dont know as soon as i saw Central Intelligence Agency i just turned off my computer right then and there. I dont want a lawsuit on me just because I use p2p.

Many times it is just a forged IP with a exploit payload. It doesn't need/want a valid response unless the exploit works.

The exploit will contain the IP address for it to reverse tunnel/connect to.

198.81.129.100
If you put that into the browser it takes you to the CIA web site.
I would not be concerned if you are a 100% sure that you have nothing to worry about!
Let them come maybe we will see a vid of you at G-bay