Re: kitty.avast.com scanning my ports and internal process trying to access their ip
From: Lars M. Hansen (badnews_at_hansenonline.net)
Date: 05/03/04
- Next message: Duane Arnold: "Re: Help with Windows VPN setup and Astaro firewall"
- Previous message: Duane Arnold: "Re: kitty.avast.com scanning my ports and internal process trying to access their ip"
- In reply to: Claudio: "kitty.avast.com scanning my ports and internal process trying to access their ip"
- Next in thread: Claudio: "Re: kitty.avast.com scanning my ports and internal process trying to access their ip"
- Reply: Claudio: "Re: kitty.avast.com scanning my ports and internal process trying to access their ip"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 02 May 2004 18:48:43 -0400
On Sun, 02 May 2004 14:17:58 +0200, Claudio spoketh
>On April 30 I visited the "avast" (antivirus) site looking for a free
>antivirus. I browsed for less than 5 minutes and downloaded nothing.
>
>On May 1st I read in my Kerio 4 firewall log:
>
>'01/May/2004 10:46 "port scan has been detected" remote address
>"kitty.avast.com" permitted'
>
>Since this rang an alarm bell, I set a rule in Kerio to block their
>IPs, then
>
>'01/May/2004 22:25:23 application <tcpip kernel driver> out remote
>addres "kitty.avast.com" protocol "ICMP" denied
Are there any more details in these logs? A port scan often indicates
something coming from the outside trying to get in, not the other way
around.
How about providing a bit more about these connections. Source and
destination would be nice, as well as port numbers (both source and
destination as well).
The ICMP you see is most likely an ICMP port unreachable or host
unreachable message, and it's because you are blocking that IP address
(or addresses). What caused the ICMP is still unclear, since we've seen
no log data from you ...
Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)
- Next message: Duane Arnold: "Re: Help with Windows VPN setup and Astaro firewall"
- Previous message: Duane Arnold: "Re: kitty.avast.com scanning my ports and internal process trying to access their ip"
- In reply to: Claudio: "kitty.avast.com scanning my ports and internal process trying to access their ip"
- Next in thread: Claudio: "Re: kitty.avast.com scanning my ports and internal process trying to access their ip"
- Reply: Claudio: "Re: kitty.avast.com scanning my ports and internal process trying to access their ip"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
