Port Scanning

Page 2 of 2 FirstFirst 12

  1. seekermeister
    Posts : 6,618
    W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
    Thread Starter
       New #11

    Okay, the bottom line is whether there is some way to pinpoint the actual person performing the attack, or at least get an idea of what he is trying to do?
      My Computer
    Quote Quote

  3. SledgeDG
    Posts : 2,009
    Windows 7 Ultimate x86
       New #12

    Especially since ISPs started to give out Dynamic IPs ther is no way of knowing, what user is behind such a scan. You would need the timestamp log from the ISPs in question.

    Sam Spade..I used to have that under XP...(out of sight out of mind) gotta go and d/l it again.
    Thanks for reminding me

    -DG
      My Computer
    Quote Quote

  4. SledgeDG
    Posts : 2,009
    Windows 7 Ultimate x86
       New #13

    To pinpoint, what they're really up to, you need a list of ports used by Trojans/Bots and other malware..I used to have such lists...maybe I'll find them again
      My Computer
    Quote Quote

  6. Lemur
    Posts : 3,139
    Systems 1 and 2: Windows 7 Enterprise x64, Win 8 Developer
       New #14

    Agreed. You need to contact your ISP and let them know the date and time your pc was scanned. The person doing it might even be ignorant of the fact - if a rogue virus or malware is behind it. But they need to know.
      My Computer
    Quote Quote

  7. seekermeister
    Posts : 6,618
    W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
    Thread Starter
       New #15

    Lemur said:
    Try this with your ip address:

    WHOIS Lookup for Domain & IP Address Research | Whois Source

    and the found ip.

    Is it similar?
    I ran both of the IPs involved by using your link, and all that it gives is a much more detailed list of data than Sam Spade did. However, it appears that it is not the local Cox office doing it, but the one in Atlanta, GA.
      My Computer
    Quote Quote

  8. pparks1
    Posts : 7,878
    Windows 7 Ultimate x64
       New #16

    I'm almost positive this is not your ISP, but as others said somebody on their network.

    As to why they do it...who knows? Maybe they are script kiddies, maybe their boxes have been compromised by somebody else (most likely) and they are scanning.

    I often have a Linux box taking incoming requests from the net and you can see truckloads of users trying to run Windows scripts against my Linux box. They simply scan a range of IP's and then thing they are really doing something fancy. You can tell they are running scripts as it just cycles through test, after test, after test...even though it should be obvious right from the start that they aren't going to gain access to cmd on my host.
      My Computer
    Quote Quote

  10. SledgeDG
    Posts : 2,009
    Windows 7 Ultimate x86
       New #17

    Right...when I used Comodo Firewall I got swamped with those Attack messages.
    At first I was all concerned and tried to investigate every case.
    Then I got defensive and crashed their comp through a by then unpatched loophole in winsock and don't you know...most of them were gone for a reboot so you knew those were script kiddies on a windows box.
    Now I run the Windows firewall (in addition to my router fw) and don't worry about them anymore.
    Obviously your safe since your Firewall caught/stopped the event.
    Basically it's just "white noise" on the cable...not worth losing any sleep over.
    The dangerous ones are those, your firewall doesn't tell you about

    -DG
      My Computer
    Quote Quote

 
Page 2 of 2 FirstFirst 12

  Related Discussions
So I'm not exactly sure what information I need to share to resolve this issue or know how to fix it. I've been trying to open this port (7198), and no matter what I try it just won't open. I'm not exactly sure how to explain the problem, but the title pretty much says all. If there's any...
I have dual monitors......my primary display monitor is a Chimei CMV223D My secondary display monitor is an Acer AL1916W. My graphics card is an HD ATI Radeon 5800. PROBLEM: My primary display monitor which usually has a display resolution of 1680x1050 is currently stuck on 640x480 and...
Hi All. My colleague and I each have a windows 7 machine on a LAN. Now I have ESET NOD32 installed and it frequently shows me that his PC's internal IP address is scanning my ports - "Detected Port scanning attack from 192.168.0.8". Now I checked the log files in ESET and it says everytime that...
Im using eset smart security 5 and im getting this message "Detected port scanning attack" Is this a serious threats or false alarm? If it is a serious threat how to neutralize it? Regards
Port Scanning
in System Security

Hey does anyone know of some good software for testing my firewall against port scanning etc? Pretty simple question here :p Cheers,
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 11:45.
Find Us