Click to See Complete Forum and Search --> : Just been port scanned, any advice?
SpookyEddy
09-01-2000, 08:57 AM
Black Ice Defender has just logged a NetBIOS port probe run against my machine 8 times.
At the time I foolishly had file & print sharing enabled with no password (stupid I know but win2k seems to do it by default & its a new install).
Is it likely that my system has been compromised?
I have the IP address & DNS for the origin of the attack.
Any advice greately appreciated
RampageIII
09-01-2000, 12:16 PM
I don't believe the firewall allowed access although it logged activity.
In ZoneAlarm I am notified of probes from time to time but unless there is permission granted there is no access to my computer or files.
SpookyEddy
09-01-2000, 07:24 PM
Just happened again, from a similar IP address & DNS.
Thanks for the advice
Mntsnow
09-01-2000, 10:57 PM
send a email to the offending ISP host giving them the details. that way they can contact the "offender" and give them a warning that they are being watched
SpookyEddy
09-02-2000, 10:02 AM
Will do.
Thanks again
Gutter Ball
09-02-2000, 12:03 PM
I've been getting scanned a LOT recently from users in Korea :/ Numerous emails sent to the abuse/admin have gone unanswered :/ I don't think they care cause we're in North America. Ah well...keep them firewalls up http://sysopt.earthweb.com/forum/smile.gif I did get one person kicked off their provider though http://sysopt.earthweb.com/forum/smile.gif Scanned me over 100 times that person!!
a Bill
09-03-2000, 07:10 AM
He must not have been very good if he had to scan you 100 times. I only scanned you once and got all the info I needed http://sysopt.earthweb.com/forum/smile.gif
brandon184
09-03-2000, 10:48 PM
Get ZoneAlarm.
http://www.zonelabs.com/
If your on a dialup connection, and your system is vulnerable to port flooding, get NukeNabber.
http://www.nukenabber.com/
- Brandon
RampageIII
09-04-2000, 03:18 PM
brandon, I had trouble with your link to nukenabber but did find same here:
http://shareware.netscape.com/computing/shareware/download.tmpl?p=PC&category_id=37&subcategory_id=334&id=52914
smokin1
09-04-2000, 07:09 PM
LOL aBill....
http://sysopt.earthweb.com/forum/wink.gif
LOL do continuos ping requests until they stop. What I find a good deturent is to scan em back BOY do they hate that. They stop real fast when they get that message back saying you've been probed!!
Gutter Ball
09-06-2000, 11:02 AM
A Bill, tell me about it. You figure he'd stop after the first 10 tries, but noooooooo...so I just sent the admin all 100 (okay, it's more around 65, but it seemed like 100 logs) trace.bat's I ran. That was one huge email! Heh, that's what I'm more worried about..those who actually KNOW what they're doing http://sysopt.earthweb.com/forum/smile.gif
[This message has been edited by Gutter Ball (edited 09-06-2000).]
smunzli
09-11-2000, 01:52 AM
guess non of you have ever port surf before?
surfs up
by the way, if you don't like them use the ping comman with the -t switch.
hav0c
09-12-2000, 06:23 PM
Umm it's not illegal to port scan(I think). But the ISP doesn't wanna lose money so I don't think the ISP would do anything to the user unless he is DoS attacking you or has compromised your computer.
SysOpt.com
Copyright Internet.com Inc. All Rights Reserved.