Port scans...or just me?[more]
[View]
[Reply]
[Top]
Posted by Maj genius3000
On 2004-03-26 00:05:37
|
This just started a couple days ago - my firewall has been catching ca.net when I'm browsing the site.
Time, Event, Intruder, Parameter(s), Count, Destination Port, Source Port
3/25/2004 6:05:17 PM, TCP_Port_Scan, www.cyberarmy.net, port=1475-1478|1499|1526|1601|1604, 1, 0, 0
Anyone else notice this? Any explanation beyond just the usual activity of local ports for browsing a site?
Later.
|
RE: Port scans...or just me?[more]
[View]
[Reply]
[Top]
Posted by ViceCinC wa1800z
On 2004-03-26 09:12:02
|
weird
if you been hitting stop and reload a lot (depending on your browser, which do you use), it can push your firewall to complain if server wise the timeout hasn't occured it, and it's still sending packets to what your firewall considers a closed socket, but even in that case, it shouldn't detect a "port scan".
another weird thing, is that ca's ip doesn't rdns to www.cyberarmy.net, so you firewall shouldn't set 'www.cyberarmy.net' as the "intruder".
|
Well...
[View]
[Reply]
[Top]
Posted by Maj genius3000
On 2004-03-26 23:51:30
|
I haven't been doing that - but I do go from forum to forum quickly/constantly - probably some weird thing with sockets and the firewall.
It would say 'www.cyberarmy.net' because it is in my hosts file yet, that is why it would dns it to that (most likely).
Later.
|
|
RE: Port scans...or just me?[more]
[View]
[Reply]
[Top]
Posted by Tr Womo
On 2004-03-26 00:14:10
|
Yea, what firewall are you using and what ports do you have open, also the OS you're running might be vulnerable to specific ports as well.
|
RE: Port scans...or just me?[more]
[View]
[Reply]
[Top]
Posted by Maj genius3000
On 2004-03-26 03:56:23
|
I just recently updated BlackIce PC Protection to 3.6 ccg - which is about the time I started getting the "attacks". Probably just the update causing it now or something.
Running win2k Pro atm.
Later.
|
|
|
|
|