Attack Detected



My firewall continually pops up with a little message saying that an attack
to some port was detected. It gives me some numbers (like that's supposed
to mean something to me) that I don't understand. There's a log with long
lists of these "attacks."
Am I supposed to do something with this stuff? How do I find out who the
attacker is?
As you can see, I'm not very experienced with firewalls (except for
shutting them off).
Al


.



Relevant Pages

  • RE: Strange loopback in firefox.
    ... described as heavy attack from outside IP addresses. ... either using the Microsoft_DS port or epmap port to connect). ... For example a connection from port 3014 to 3015 and the next ... to facilitate one-on-one interaction with one of our expert instructors. ...
    (Security-Basics)
  • Re: Security problem
    ... simply to use a non-standard port. ... names and passwords, on large ranges of IP addresses. ... order to perform successful brute-force attack and that's ludicrous. ... DROP incoming packets for other ports (and what internet-facing server ...
    (comp.os.linux.development.apps)
  • Re: SSH server under attack...
    ... It's highly possible that even though you changed the port, an automated script discovered the new port by probing the ports and matching version numbers, ie: ... the new machine to attack me is 200.55.192.29. ... Failed password for invalid user admin from::ffff:200.55.192.29 port ...
    (Security-Basics)
  • FW: Legal? Road Runner proactive scanning.[Scanned]
    ... You consider a port scan to be an attack? ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
    (Security-Basics)
  • SSH server under attack...
    ... OK...within a few hours the server was being attacked again on port 2222. ... The router/firewall logs dont show any dropped packets sent to port 22 so he changed the port of the attack script. ... I scanned the machine and found that it is hosting a webserver Server at www.springs.cl) among other services. ... Invalid user admin from::ffff:200.55.192.29 Failed password for invalid user admin from::ffff:200.55.192.29 port ...
    (Security-Basics)