New
#11
Okay, the bottom line is whether there is some way to pinpoint the actual person performing the attack, or at least get an idea of what he is trying to do?
Okay, the bottom line is whether there is some way to pinpoint the actual person performing the attack, or at least get an idea of what he is trying to do?
Especially since ISPs started to give out Dynamic IPs ther is no way of knowing, what user is behind such a scan. You would need the timestamp log from the ISPs in question.
Sam Spade..I used to have that under XP...(out of sight out of mind) gotta go and d/l it again.
Thanks for reminding me
-DG
To pinpoint, what they're really up to, you need a list of ports used by Trojans/Bots and other malware..I used to have such lists...maybe I'll find them again
Agreed. You need to contact your ISP and let them know the date and time your pc was scanned. The person doing it might even be ignorant of the fact - if a rogue virus or malware is behind it. But they need to know.
I'm almost positive this is not your ISP, but as others said somebody on their network.
As to why they do it...who knows? Maybe they are script kiddies, maybe their boxes have been compromised by somebody else (most likely) and they are scanning.
I often have a Linux box taking incoming requests from the net and you can see truckloads of users trying to run Windows scripts against my Linux box. They simply scan a range of IP's and then thing they are really doing something fancy. You can tell they are running scripts as it just cycles through test, after test, after test...even though it should be obvious right from the start that they aren't going to gain access to cmd on my host.
Right...when I used Comodo Firewall I got swamped with those Attack messages.
At first I was all concerned and tried to investigate every case.
Then I got defensive and crashed their comp through a by then unpatched loophole in winsock and don't you know...most of them were gone for a reboot so you knew those were script kiddies on a windows box.
Now I run the Windows firewall (in addition to my router fw) and don't worry about them anymore.
Obviously your safe since your Firewall caught/stopped the event.
Basically it's just "white noise" on the cable...not worth losing any sleep over.
The dangerous ones are those, your firewall doesn't tell you about
-DG