1200 hits on fire wall
borgdrone1of2
04-28-2002, 01:00 AM
Hello
I was not sure where to post this.
I've gotten 1200 hits on 1200 or so different ports, from IP addy: 151.196.239.119
Anyone else get this?
And them dang virus e-mails, 30+ in 2 days.
My system's fine. I would give specs but I run 5 different O/S depending on the drive or drives I have on board at any time.
M.E. is my favorite. I like a challenge, and it does give one.
Have a nice day, and if I'm in the wrong forum, sorry.
------------------
resistance is invigorating lol
iisbob
04-28-2002, 02:14 AM
Do you perhaps use Verizon as your ISP?
Running a basic tracert on the IP addy you provided (for me anyways) gets a return of verizon.net, plus a few class A IPs in between.
A lot of the time your very own ISP will ping you (especially on cable broadband) to make sure you're not using your linkage as a server if you're not paying for it. I routinely get pinged from Comcast; I pay it no mind.
As long as your firewall is stopping them, and reporting them to you, I wouldn't worry.
If it gets too annoying, then just unplug your connection.
------------------
iisbob
Computer-Show me the Enterprise; no bloody A, no bloody B, and no bloody C-just the original...Mr Scott { from a STNG episode }
ErnieK
04-28-2002, 05:51 AM
Borgdrone
My highest up to date is 480 in just under 2 hours. This only happens with XP and not Win98. I stopped looking up/tracing. Some from my ISP group of addresses but a lot from other UDP and TCP ports.
------------------
Ernie
borgdrone1of2
04-29-2002, 02:13 PM
Hello
Thx for your replies.
I don't use Verizon. These hits were non-stop hits, one port after another. Would probably have gone higher, but I cut the internet connection as my online time was up. Always check ZAP alerts before shutting down.
What are class A IPs?
I had d/loaded some hacked versions of pop P2P file share programs, but no trojans detected by AV or the cleaner.
Would be my luck, trying to get rid of spyware and pop-ups, to get a trojan in its place lol
Thx again
and have a nice day
------------------
resistance is invigorating lol
While it could be possible that some of it was the filesharing programs, they are usually concentrated on a couple of ports. I think it is time to do several scans to make sure you haven't picked up a backdoor trojan......
------------------
mjc
Links list:Computer Links (http://www.dreamwater.org/tech/mjc/index.htm)
Celts are the men that heaven made mad, For all their battles are merry and their songs are all sad.
Ghost_Hacker
04-29-2002, 03:43 PM
151.196.239.119 is an IP address assigned by Verizon to one of their internet customers. (I think their DSL customers are assigned dynamic IPs)
Normally, if you see a "scan" where the port numbers are increasing by one, my first feeling would be a file sharing program that is looking for an open port to your "server". (In fact you can sometimes see FTP servers doing this very thing.)
Trojans will always run on one or 2 well-known ports or be assigned a port by whoever planted the trojan. Trojan programs don't scan ports (and in any case it wouldn't scan the very computer it's running on), but a person looking for a trojan might scan well-known trojan ports looking for one running on your system.
Take a look at whatever P2P programs you're running. Find out how they connect to others. That's probably where you'll find your answer.
Good Luck
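The difference discussed above, between one source walking destination ports upward by one and traffic that stays on a port or two, can be checked from the firewall log itself. This is an added example, not part of any post in this thread: the log line format, thresholds and function names are assumptions, and the sample lines are constructed (only the source address 151.196.239.119 comes from the thread).

```python
import re
from collections import defaultdict

# Assumed log format (constructed for this example, not any real firewall's):
#   <time> BLOCK <proto> <src_ip>:<src_port> -> <dst_ip>:<dst_port>
LINE_RE = re.compile(
    r"^(?P<time>\S+) BLOCK (?P<proto>TCP|UDP) "
    r"(?P<src>\d+\.\d+\.\d+\.\d+):\d+ -> \d+\.\d+\.\d+\.\d+:(?P<dport>\d+)$"
)

def build_sample_log():
    """Constructed sample: one source stepping through ports, one on a single port."""
    lines = [
        f"00:{i // 60:02d}:{i % 60:02d} BLOCK TCP 151.196.239.119:4000 -> 192.0.2.10:{1024 + i}"
        for i in range(1200)
    ]
    lines += [f"00:30:{i:02d} BLOCK UDP 198.51.100.7:137 -> 192.0.2.10:137" for i in range(30)]
    lines.append("truncated or malformed line")  # must be skipped, not crash the parser
    return lines

def classify_sources(lines, min_ports=20, min_step_ratio=0.9):
    """Group blocked hits by source address and label each source's port pattern."""
    ports_by_src = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            ports_by_src[m["src"]].append(int(m["dport"]))
    report = {}
    for src, ports in ports_by_src.items():
        distinct = len(set(ports))
        # Share of consecutive hits whose destination port rose by exactly one.
        steps = sum(1 for a, b in zip(ports, ports[1:]) if b - a == 1)
        ratio = steps / (len(ports) - 1) if len(ports) > 1 else 0.0
        if distinct >= min_ports and ratio >= min_step_ratio:
            label = "sequential-sweep"   # port number increasing by one per hit
        elif distinct >= min_ports:
            label = "wide-scan"          # many ports, no fixed order
        else:
            label = "few-ports"          # concentrated on a couple of ports
        report[src] = {"hits": len(ports), "distinct_ports": distinct, "label": label}
    return report

if __name__ == "__main__":
    for src, info in classify_sources(build_sample_log()).items():
        print(src, info)
```
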
borgdrone1of2
04-30-2002, 12:24 AM
Hello
Right now, and for the last 10 days or so, I've not been on a P2P, but I am downloading from a private source, and not sharing anything on upload.
I was in this forum while the scan was going on, but I think that's just coincidence. I'd just left another help forum 5 minutes or so before. I've run both McAfee and Norton 2002 Pro, and ran HouseCall online, and have run MooSoft. Clean on all counts. The new Ad-aware 5.8 only found one DoubleClick cookie.
So still puzzled..
Thank you very much for your time.
------------------
resistance is invigorating lol
Ghost_Hacker
04-30-2002, 08:48 AM
You don't have to be "online" with your P2P to get hits.
P2Ps work by keeping a list of "servers" to connect to. If a P2P peer wants to look at what you have, it will "hit" you regardless of what you're doing. If you're "offline" with your P2P and the remote peer can't connect, it will scan your ports looking for the other "peer", starting at whatever the default port is and increasing the destination port by one as it scans. (Again, it depends on what P2P you're using.)
It is very unlikely that an intruder is scanning all your ports. Unless you're "yahoo" or "ebay", most "hackers" aren't going to waste the time needed for such a clumsy scan.
Of course you can take this advice or leave it...but I would suggest that a good starting point is your P2P programs.
Good Luck
[This message has been edited by Ghost_Hacker (edited 04-30-2002).]
borgdrone1of2
05-02-2002, 10:52 AM
Hello
On this copy of my O/S there are no P2P file sharing programs.
The only music I'm getting is from a one-way connection. It's a private site, not P2P.
------------------
resistance is invigorating lol
Sounds like you have a static IP address?
If so you may want to go through the reset procedure and grab a new address...the one you are currently using may be tagged as having P2P capabilities and some idiot software on the other end just isn't getting the message that you are unavailable.
------------------
mjc
Links list:Computer Links (http://www.dreamwater.org/tech/mjc/index.htm)
Celts are the men that heaven made mad, For all their battles are merry and their songs are all sad.
borgdrone1of2
05-02-2002, 11:34 AM
Hello mjc
Yes, I have a static IP. How would I go about changing it, as I've never had a reason to do so? I'm not sure even where to start on that.
Thx
Have a good day
------------------
resistance is invigorating lol
iisbob
05-02-2002, 12:26 PM
If the static IP is from your ISP, don't change it without getting with them first! Or you'll not be able to connect to the internet!
When you sign up for broadband, they assign you a NetBIOS name and IP address; most use some form of DHCP.
Comcast actually uses a DHCP server, so my IP only changes if I release/renew. Majority of the time I get the same IP reassigned to me (already in the router table). Your ISP will have a specific pool of addresses set up for its customers; you should contact them before attempting any manual changes.
If you know you are using DHCP to get your IP, then open a cmd line (if in NT/2k/XP) and type ipconfig /release. This will disconnect you from the network and remove your current IP settings. Then type ipconfig /renew to allow your system to reconnect to the network and retrieve a new IP (more than likely you'll get the same one, as their router has a table with you in it already configured).
This has the effect of removing you from the "sights" of any app that is trying to find you. Leave your network disconnected for about a minute or two, then use the renew command to reinitialize your connection.
You can also use the winipcfg tool in 95/98/ME to do this. Just make sure you're on a dynamic network first.
------------------
iisbob
Computer-Show me the Enterprise; no bloody A, no bloody B, and no bloody C-just the original...Mr Scott { from a STNG episode }
iisbob is absolutely right. I should have warned you about the reset; each broadband ISP has a different method of doing it. Some are pretty easy, like he explained, and others almost require an act of Congress......so if you are unsure how to do it, check with your ISP first.
------------------
mjc
Links list:Computer Links (http://www.dreamwater.org/tech/mjc/index.htm)
Celts are the men that heaven made mad, For all their battles are merry and their songs are all sad.
borgdrone1of2
05-03-2002, 02:31 PM
Hello
Thank you very much is and mjc
Unfortunately I'm on dial-up and static IP.
I've contacted my ISP, and after two acts of Congress and a change to the constitution they have agreed to reassign a new IP. Need new cookies after?
I'll be having to reconfigure a new connection according to them.
It was like pulling teeth, but thx again for your help everyone.
------------------
resistance is invigorating lol
iisbob
05-03-2002, 08:29 PM
You're on dial-up???!!!! With a static IP?
This is a new one to me. How do you keep your modem from disconnecting when the line noise gets too great? Or when you have no packet activity? All dial-up ISP settings I know about will automatically boot you to free up an IP for someone else!
This is something I've never heard of!? A Canadian thing maybe? What makes dial-up so secure is the fact that you use DHCP and almost never get the same IP twice in a row, and you're usually only on for a few hours tops, whereas a broadband connection like mine is a "static" connection because I don't constantly change my IP; I don't have to dial in either.
Only times I've ever seen (or used) a static IP on dial-up is/was using a RAS server for someone dialing in from home or on the road for their office applications.
This is too weird.
------------------
iisbob
Computer-Show me the Enterprise; no bloody A, no bloody B, and no bloody C-just the original...Mr Scott { from a STNG episode }
borgdrone1of2
05-05-2002, 12:12 AM
Hello
My IP, unless I change accounts or arrange with ISP to change, does not change.
Sympatico. Call them if you don't believe me.
------------------
resistance is invigorating lol
borgdrone1of2
05-06-2002, 09:08 PM
Hello iisbob
I wish to apologize to you. I reread your last post and checked back with ISP. It's as you say. They have a pool; in this case it's got 10 different IPs in each, and unless the one I usually connect to is full I have a one chance in 10 of getting the same IP. But we tried today and 4 out of 10 connected to the same IP. Only one other in that 10 was being used, so I was told. Hope this makes sense to you, as I have to take them on what they tell me.
Sorry for being rude.
Take care and thank you all for your help.
------------------
resistance is invigorating lol