Any idea what this is:
2014-10-13 19:16:37 [Pool] [diamondcoin] (Thread 2) Malformed message from (unauthorized) [117.25.128.139]: �Cookie: mstshash=g
http://www.tcpiputils.com/browse/ip-address/117.25.128.139
Not much help there, but it is in China
Is there any way I can examine the malformed message?
I suppose I'll have to have some TCP logging of some sort and wait for another one ... only get it a couple times a day ...
Looks fine, anything could be a malformed message, as long as it doesn't conform to exactly what NOMP was expecting. So if you connected and just sent "{a:a:a:a:A:a:a:a:a:]" to it, it would probably break and spit out the same line of text (malformed message). Assuming there isn't a flaw in how NOMP parses the data coming in, it's just garbage data...
OK I'm still gonna block that IP in firewall tho
Got another one from another IP 192.210.53.41, looking at where it came from.
Had similar Cookie: mstshash=a
Domain neighbors for IP: 192.210.53.41
Found 2 websites running on IP address 192.210.53.41.
xuezhao.net
sanlewh.com
Found 65 IP addresses with hosting around 192.210.53.41.
China again ... The whois shows California, USA on another web tool ...
And another one:
2014-10-14 11:49:32 [Pool] [diamondcoin] (Thread 2) Malformed message from (unauthorized) [80.82.70.239]: �Cookie: mstshash=a
Have you seen this Linux backdoor analysis:
https://www.nccgroup.com/en/blog/2014/10/analysis-of-the-linux-backdoor-used-in-freenode-irc-network-compromise/
Thanks
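On examining the "Malformed message" lines quoted in this thread: `Cookie: mstshash=` is the routing cookie carried in an RDP connection request, so these entries are consistent with clients probing the port for Remote Desktop rather than speaking stratum. The sketch below is an added example, not code from NOMP or from any poster; the function names and sample bytes are constructed, and it assumes you pass it the raw Buffer received in a socket's `data` event.

```javascript
// Added example: classify the first bytes a client sends to a stratum port.
// RDP connection request layout: TPKT header (03 00 len len), X.224 header
// (LI, 0xE0, dst-ref, src-ref, class), optional "Cookie: mstshash=<name>\r\n".

// Constructed sample: RDP connection request carrying the cookie value "a".
const SAMPLE_RDP = Buffer.concat([
  Buffer.from('0300001f1ae00000000000', 'hex'),
  Buffer.from('Cookie: mstshash=a\r\n', 'latin1'),
]);

// Space-separated hex of the first `max` bytes, safe to write to a log file.
function hexDump(buf, max = 64) {
  return buf.subarray(0, max).toString('hex').replace(/(..)(?=.)/g, '$1 ');
}

function classifyFirstBytes(buf) {
  const result = { kind: 'unknown', cookie: null, hex: hexDump(buf) };
  const text = buf.toString('latin1');

  // TPKT: version 3, reserved 0, 16-bit big-endian total length.
  if (buf.length >= 11 && buf[0] === 0x03 && buf[1] === 0x00) {
    const tpktLen = buf.readUInt16BE(2);
    const isConnReq = (buf[5] & 0xf0) === 0xe0; // X.224 CR TPDU code
    if (isConnReq && tpktLen >= 11) {
      result.kind = 'rdp-connection-request';
      const m = /Cookie: mstshash=([^\r\n]*)/.exec(text.slice(11));
      if (m) result.cookie = m[1];
      return result;
    }
  }

  // Stratum is newline-delimited JSON, so a real miner starts with '{'.
  if (text.trimStart().startsWith('{')) {
    try {
      JSON.parse(text.split('\n')[0]);
      result.kind = 'stratum-json';
    } catch (e) {
      result.kind = 'broken-json'; // e.g. the "{a:a:a:..." string from the thread
    }
  }
  return result;
}

console.log(classifyFirstBytes(SAMPLE_RDP));
```

Logging the `hex` field instead of the decoded string keeps the non-printable header bytes that show up as `�` in the pool log.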