IgnatiusJReilly Posted August 31, 2004 Share Posted August 31, 2004 Since I installed SP2, I have had about 200 third party attacks (from different IP addresses) every day. Each time I get a warning message from Norton Internet Security saying "A remote system is attempting to access your computer." Norton also recommends that I not permit these remote systems to access my computer. Does anyone have any idea what these attacks are? Link to comment Share on other sites More sharing options...
Vann Posted August 31, 2004 Share Posted August 31, 2004 I bet it's the communists. They're always trying to sneak into my computer. Link to comment Share on other sites More sharing options...
Tarun Posted August 31, 2004 Share Posted August 31, 2004 It might help if you can post a segment of the log from your firewall.More than likely these are just pings, ICMP echos and items of that nature. I'd get them on occasion and be alerted with Outpost Professional (Much better than Norton and ZAP, in my honest opinion.) Link to comment Share on other sites More sharing options...
IgnatiusJReilly Posted August 31, 2004 Author Share Posted August 31, 2004 The following are the details of the typical attack alerts:Details: The user has created a rule to "block" communications Inbound UDP packet Local address, service is () Remote address, service is (209.173.245.119,8264) Process name is "N/A"Details: The user has created a rule to "block" communications Inbound TCP connection Local address, service is () Remote address, service is (64.231.80.78,4480) Process name is "N/A" Link to comment Share on other sites More sharing options...
likuidkewl Posted September 1, 2004 Share Posted September 1, 2004 Search results for: 209.173.245.119 OrgName: SECURE WEBS INCOrgID: SEWBAddress: 463 W FIFTHCity: COLVILLEStateProv: WAPostalCode: 99114Country: USNetRange: 209.173.240.0 - 209.173.255.255CIDR: 209.173.240.0/20NetName: SEWB-2NetHandle: NET-209-173-240-0-1Parent: NET-209-0-0-0-0NetType: Direct AllocationNameServer: NS1.DNSWIZARDS.COMNameServer: NS2.DNSWIZARDS.COMComment:RegDate: 2004-08-24Updated: 2004-08-24NOCHandle: HM184-ARINNOCName: HostmasterNOCPhone: +1-509-684-2511NOCEmail: hostmaster@securewebs.comOrgTechHandle: HM184-ARINOrgTechName: HostmasterOrgTechPhone: +1-509-684-2511OrgTechEmail: hostmaster@securewebs.com# ARIN WHOIS database, last updated 2004-08-30 19:10# Enter ? for additional hints on searching ARIN's WHOIS database.Also both these ports are associated with Proxy servers. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now