| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 32018 | 2003-04-07 02:22:00 | Catholics and Computers.... | csinclair83 (200) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 133940 | 2003-04-07 02:22:00 | I've been having a very busy firewall over the last 24 hours.... have had computer on all night downloading...and came online this morning...have had 16 blocks from firewall..all from same IP...so i thought i'd do a visual trace.... and this is where the blocks have been coming from... inetnum: 203.177.39.0 - 203.177.39.255 netname: CBCP-PH descr: Catholic Bishops Conference of the Philippines country: PH admin-c: AY84-AP tech-c: RC180-AP mnt-by: MAINT-MGR-AP changed: rommelc@globe.com.ph 20010116 status: ALLOCATED PORTABLE source: APNIC Does this mean some bishop is trying to get into my computer thru a laptop or something?????? or what happened came from somewhere else but they used this location?... |
csinclair83 (200) | ||
| 133941 | 2003-04-07 03:22:00 | You really need to mention what ports the computer was trying to access, the time periods of each attempt and the number of access attempts on the ports. Quite often it is fairly innocuous if it was say four hits on port 137 in a row. On the other hand if it was against port 135 there is a know exploit associated with that port. Also port 445 means they were attempting netsend messages. Quite a lot of hits on that particular port at the moment. Must be flavour of the month :) |
Gorela (901) | ||
| 133942 | 2003-04-07 03:24:00 | Just the Bishops looking for a little light entertainment Chris :p Cheers Billy 8-{) :D |
Billy T (70) | ||
| 133943 | 2003-04-07 03:26:00 | lol true it was something to do with tcp/ip something... hasnt happened since i decided to track it down yeah... |
csinclair83 (200) | ||
| 133944 | 2003-04-07 03:41:00 | I will be in the city this afternoon, I will make some phone calls and pass on your concerns in case someone has been infected or something. | Gordon. (2217) | ||
| 133945 | 2003-04-07 03:45:00 | You'll find that tcp/ip is how most computers communicate over the internet. It's the transmission protocol. As far as firewall logs are concerned the may items of interest are the ports and whether it is udp or tcp. The trace you did was looking up a database of address allocations and would not have connected to the offending computer. You would need to do a ping for that to occur. |
Gorela (901) | ||
| 133946 | 2003-04-07 05:49:00 | You call 16 busy. I had several hundred in a few days recently with most coming from my ISP. When I asked them what was going on they said it was normal. If it was normal I had never had it before and after approaching them a couple of times it ceased. | mikebartnz (21) | ||
| 1 | |||||