| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 28202 | 2002-12-13 04:47:00 | Port Scanning | pluto (2246) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 105643 | 2002-12-13 04:47:00 | Yesterday i was on net when suddenly Sygate (Pro Ver 5) started flashing in my system tray, upon clicking it, i saw message in security log: "someone is scanning you computer" I did back trace and Sygate gave all this "hops" and on 15th Hop it was listed: "sc017.171 block.vegas.smartconnect.net" I couldnt make of all the details, So i didnt know what to do or if the scan was succesfull or not. Sygate just gave me the message and that was all. Thought it was supposed to block scanning and probably give a message saying "port scanning stopped" Anyways i had to manually click on the "Block All" button on Sygate Today i got on net and as soon as i got connected i got this message from Sygate: "Fax Service is being connected by the remote machine(64.246.6.157) using local port 1031(IAD2-BBN IAD) " I dont know if there is any virus that got in my PC. I Did Virus scan with NAV 2002 and it didnt find any. Is there some virus/program that may have come in??? Any suggesstions on anything i can do to be sure nothing dodgy is on my system. Thankx Pluto |
pluto (2246) | ||
| 105644 | 2002-12-13 04:56:00 | Probably someone who has a IP scanning program trying to find people with open ports so they can hack. I am unsure abot the fax service thing though. Perhaps someone else might be able to enlighten pluto and myself to the cause of the problem. Brendonny |
Brendonny (929) | ||
| 105645 | 2002-12-13 05:20:00 | Find out (www.practicallynetworked.com) if your PC is secure or not :) ... | SKT174 (1319) | ||
| 105646 | 2002-12-13 07:41:00 | Hey You could also run the Symantec Security Tests (security1.norton.com) which are pretty good Also, have you tried the tools available from Steve Gibson?? Shields Up (grc.com) Probe My Ports (grc.com) Furthermore find some PCWorld articles on stuff like that - Geoff Palmer has quite a few interesting ones :D If these attacks are annoying you and you feel compelled to notify the ISP of the user then go to: Symantec's Trace A Potential Attack (security1.norton.com) once the Visual Trace has completed click the bottom listing in the right corner which will open a new window containing information on who you can contact CyberChuck |
cyberchuck (173) | ||
| 105647 | 2002-12-13 07:57:00 | firstly don't get to exicted when someone scans. even legit servers will scan. just ignore it as tracing it back can tip off any hacker that you are actually there. | tweak'e (174) | ||
| 105648 | 2002-12-13 09:37:00 | Thankxx Cyberchuck, And when i got the message from Sygate, IE wasnt open or i had any applications running, so i guess it wasnt a server scanning. I used the Norton Scan Service, and it detected the browser privacy flaw which is probably the privacy setting on the IE. However i did the test few times and one thing was odd, sometimes it gave all clear for port status scan and other times it said that port 5000 UPnP (Universal Plug and Play) was open to attacks. Oh i used the scan service and it seemed to trace the IP (Which the Fax service was trying to connect to) to Houstan Texas in US. Looked cool to see the trace routes go all around the world :D |
pluto (2246) | ||
| 1 | |||||