Re: Incomings syns & pings

From: Don Kelloway (
Date: 06/29/04

Date: Tue, 29 Jun 2004 21:06:47 GMT

"Marco" <desspams@jenveuxpas.stop> wrote in message
> For a few hours now, my firewall has been kept busy blocking TCP
> attempts on ports 135, 137 & 445 on its WAN IP address, as well as
> which are not echoed by rule. The logs are flooded by these attempts
> this has been going on for 3 hours now (5 to 10 events / minute).
> Anybody has any clue about this ?
> Is there some kind of world wide mess going on ? (I have heard of some
> virus going around ...)
> Or is this something more focused ?
> Thanks for your advice
> Marc

It is the unfortunate result of other systems which have become
compromised, attempting to locate other systems to compromise. Such
activity occurs 24/7/365 and as long as you can be sure that your
firewall is appropriately configured to block these connection attempts
and probing, I would focus my attention elsewhere.

Best regards, from Don Kelloway of Commodon Communications
Visit to learn about the "Threats to Your
Security on the Internet".

Relevant Pages

  • Re: What is the Pattern here ?
    ... These are all Dialup Connections that I had no connection with at the time. ... It's obviously an enormous security hole, ... > and a real firewall box. ...
  • Re: Port 135
    ... The patch doesn't disable DCOM / RPC, so connections can still be made. ... That's why you need a firewall. ... the patch is not the thing to control ... control over your TCP/IP ports and services, ...
  • Re: Black Ice confesses faulty program!!!
    ... > outgoing connections or traffic except in cases where these connections ... > "dangerous/suspicious" traffic by the BlackICE program. ... > get into your machine then even a PC *without* a firewall is completely ... If you don't think "Spyware" is a problem for computer ...
  • Re: Networking/Security Question...
    ... The router itself will be a Cisco 1721. ... >setup is very simple... ... XP sp2 having the firewall on by default. ... > # but deny established connections that don't have a dynamic rule. ...
  • Re: XPsp2 firewall - bug? - disables on certain networks
    ... Firewall Settings for Microsoft Windows XP with Service Pack 2" document ... Even if the DNS suffix is different, the computer can get a new policy from ... manually enter the DNS server and suffix settings for all connections. ...