Find your solution!

erg57 · 07-Mar-2008, 06:51 AM #1

I am not an alarmist, but I am getting lots of port scans---one every ten seconds from same IP. I dont have their IP info with me right now (at work). Anyone else having this issue as of late? I use Sygate firewall. I use hardwired cable modem-no wireless. I checked ports with GRC and a few others and all ports show as "stealthed". Any recommendations? Any recourse? It has been years since I have seen this type of activity? Its more of an annoyance than anything.

blues_harp28 · 07-Mar-2008, 09:07 AM #2

Hi Sygate not the best Firewall available.
http://www.matousec.com/projects/win...ts-results.php

Watching the Firewall on a daily basis can make you paranoid [I know from experience]
GRC is a good program.
http://www.hackerwatch.org/probe

lotuseclat79 · 07-Mar-2008, 09:32 AM #3

Try downloading and installing nmap and nmapfe from here. Scan all 1-65535 ports on localhost, just to be sure that all of your ports are stealthed. Note: nmapfe is a gui front-end (for Linux) - I don't know if there is something similar for Windows and Mac.

-- Tom

erg57 · 07-Mar-2008, 02:52 PM #4

Thanks

by the way the IP scanning me is

77.92.68.39

lotuseclat79 · 08-Mar-2008, 09:59 AM #5

Find out which port is being scanned, and stealth it.

-- Tom

erg57 · 08-Mar-2008, 11:24 AM #6

The person has been scanning all of my ports. All of my ports THAT I KNOW OF are stealthed. Anyone know of a simple on-line scanner to audit all 65,000 of my ports? These scans are more than annoying. My firewall seems to be doing its job, but the alerts are driving me nuts. I could turn alerts off I suppose.

Would it do me any good to backtrace and let the ISP know that one of its users is doing this? Has this ever worked?

erg57 · 08-Mar-2008, 07:26 PM #7

I ended up uninstalling Sygate and installed Online Armor 2.0.1.95. No more port scans but I am sure the new f-wall has nothing to do with this. I like Online Armor. Low RAM usage and my bootup is faster now too

lotuseclat79 · 09-Mar-2008, 06:20 AM #8

Quote:

Originally Posted by erg57

The person has been scanning all of my ports. All of my ports THAT I KNOW OF are stealthed. Anyone know of a simple on-line scanner to audit all 65,000 of my ports? These scans are more than annoying. My firewall seems to be doing its job, but the alerts are driving me nuts. I could turn alerts off I suppose.

Would it do me any good to backtrace and let the ISP know that one of its users is doing this? Has this ever worked?

Hi erg57,

I have already given the links to nmap - simple to use with gui interface.

It may be possible that the user at that ip address is not even aware - i.e. their computer may have been compromised by malware.

Do a whois on the ip address and send email - of what is happening and that they should look into the possibility that their computer system may have been compromised due to the port scans you are experiencing.

-- Tom

Tag Cloud
acer audio bios boot bsod computer connection crash dell driver drivers email error firefox freeze game hard disk hard drive hardware install internet keyboard laptop linksys macro malware network outlook outlook 2003 outlook 2007 problem ram recovery redirect router server slow trojan usb video virus vista vpn windows windows 7 windows 7 64 bit windows vista windows xp wireless youtube

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Search
Search for: