boemba Posted June 30, 2002 Report Share Posted June 30, 2002 Just to check it out I installed some firewall software from McAfee on a one month trial basis yesterday. I am connected quite a few hours a day and use a regular modem, my connection is very good most of the time. To my big surprise I get messages that people are trying to connect to various ports on my computer, like about 2, 3 times every hour. The software let you trace the attempted connection and allows you to report the event. I am quite puzzled by this, this must of course have been going on a long time before I used this software. What are the implications? I did not know people where so active probably randomly scanning the internet to get into other people's computers. I can not see any possible attraction to me personally, but I wonder what the purpose is of this all. Anyone has similar experiences with this. In any case, it really makes me consider installing the software after the trial period. Do I have to assume to some people had access to the data on my computer? I did not experience any untoward effects, as far as I can judge. (although I have had my load of viruses over the last year, possibly of people who object to the kind of website I run) Link to comment Share on other sites More sharing options...
khunsanuk Posted June 30, 2002 Report Share Posted June 30, 2002 Hi, I have been running a firewall (ZoneAlarm, free) for quite sometime now and I too notice quite a lot of scans. Most of these are probably harmless, but it doesn't hurt to be a bit paranoid. Sanuk! Link to comment Share on other sites More sharing options...
adikgede Posted June 30, 2002 Report Share Posted June 30, 2002 What you are probably seeing is a script that someone has initiated across a range of IP addresses, unless you are running some open ports that they are interested in like 80 (http) and 139 (smb) as well as any that might be used for file sharing services your computer will not attract any further attention. However that is not to say that you should not continue to run a firewall, and keep it updated. Link to comment Share on other sites More sharing options...
Guest Posted June 30, 2002 Report Share Posted June 30, 2002 >(although I have had my load of viruses over the last year, >possibly of people who object to the kind of website I run) What type of website do you run? The website address listed as your hompage is not available. Link to comment Share on other sites More sharing options...
khunsanuk Posted June 30, 2002 Report Share Posted June 30, 2002 Hi, "although I have had my load of viruses over the last year, possibly of people who object to the kind of website I run" Install Mailwasher (www.mailwasher.net). It filters your email and warns you if it suspects viruses or spam, allowing you to delete the email directly from the server. Sanuk! Link to comment Share on other sites More sharing options...
Boo Radley Posted July 1, 2002 Report Share Posted July 1, 2002 Hi, I noticed the same thing after recently installing a firewall for the first time. About 2 port scans/break-ins per hour on average. On tracing them they seem to come from all over, but quite a few are from China and the USA. I wonder how many of them are real or just false positives (picking up background noise perhaps)? Link to comment Share on other sites More sharing options...
boemba Posted July 1, 2002 Author Report Share Posted July 1, 2002 Thanks for reminding me. I must have been visiting this webboard for a long time now. Hardly remember the homepage location I mentioned there. Made some changes now. Link to comment Share on other sites More sharing options...
Tycona Posted July 1, 2002 Report Share Posted July 1, 2002 Hi, 2-3 attacks an hour is not a lot. I get them by the dozen per hour. Most of them are harmless. As long as you do not download and execute unknown programs from a dubious source and have a firewall you should be ok. I suggest you check out this website and let it check your shields with and without your firewall software running... https://grc.com/x/ne.dll?bh0bkyd2 Link to comment Share on other sites More sharing options...
soongmak Posted July 3, 2002 Report Share Posted July 3, 2002 I did the tests both with and without my free version of zonealarm running and both times it confirmed full stealth mode of all my ports. I never had a warning from zone alarm that someone on the internet was probing my ports, so I even thought it wasn't properly functioning, but I guess I am wrong here. At least it helps me to prevent all my software connecting to the internet without my permission. cheers, soongmak Link to comment Share on other sites More sharing options...
Guest Posted July 7, 2002 Report Share Posted July 7, 2002 Zonealarm (free version) is itself a powerful software - providing necessary security. I got quite a lot of scans (blocked by ZA and indicated in the ALERT). The hackers are using simple programs/scripts to run thru the night scanning the zillion internet connected devices - and wakes up in the morning to find their open ports. Truth too is that open ports doesn't mean they can just go in without doing anything. A hacker would still need to make sure you're online, at the right time, opening right ports, tapping the right password at certain comm level, while disabling your AV or FW progs. IN short, most hackers just put up a trojan horse in websites, bb, chat irc servers.. and trap innocent internet virgin to click and install the trojan that opens the backdoors in situ. Brute force attack seldom suceed in real life - and besides - a hacker have better used a good processing machine and hack into some banks / classified info than our PCs. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.