Re: Incomings syns & pings
Date: Tue, 29 Jun 2004 21:06:47 GMT
"Marco" <email@example.com> wrote in message
> For a few hours now, my firewall has been kept busy blocking TCP
> attempts on ports 135, 137 & 445 on its WAN IP address, as well as
> which are not echoed by rule. The logs are flooded by these attempts
> this has been going on for 3 hours now (5 to 10 events / minute).
> Anybody has any clue about this ?
> Is there some kind of world wide mess going on ? (I have heard of some
> virus going around ...)
> Or is this something more focused ?
> Thanks for your advice
It is the unfortunate result of other systems which have become
compromised, attempting to locate other systems to compromise. Such
activity occurs 24/7/365 and as long as you can be sure that your
firewall is appropriately configured to block these connection attempts
and probing, I would focus my attention elsewhere.
Best regards, from Don Kelloway of Commodon Communications
Visit http://www.commodon.com to learn about the "Threats to Your
Security on the Internet".
- Re: What is the Pattern here ?
... These are all Dialup Connections that I had no connection with at the time. ... It's obviously an enormous security hole, ... > and a real firewall box. ...
- Re: Port 135
... The patch doesn't disable DCOM / RPC, so connections can still be made. ... That's why you need a firewall. ... the patch is not the thing to control ... control over your TCP/IP ports and services, ...
- Re: Black Ice confesses faulty program!!!
... > outgoing connections or traffic except in cases where these connections ... > "dangerous/suspicious" traffic by the BlackICE program. ... > get into your machine then even a PC *without* a firewall is completely ... If you don't think "Spyware" is a problem for computer ...
- Re: Networking/Security Question...
... The router itself will be a Cisco 1721. ... >setup is very simple... ... XP sp2 having the firewall on by default. ... > # but deny established connections that don't have a dynamic rule. ...
- Re: XPsp2 firewall - bug? - disables on certain networks
... Firewall Settings for Microsoft Windows XP with Service Pack 2" document ... Even if the DNS suffix is different, the computer can get a new policy from ... manually enter the DNS server and suffix settings for all connections. ...