Solve : Someone is probing my ports....? – InterviewSolution

InterviewSolution

1.	Solve : Someone is probing my ports....?
Answer» Hi I'm running Windows XP SP2. AVG anti virus. ZoneAlarm Firewall. Running on dsl through a proxy server. I've SEEN a few attempts for the first time today, my ZoneAlarm log: FWIN,2006/08/05,22:32:04 +2:00 GMT,192.168.36.1:137,192.168.0.93:137,UDP FWIN,2006/08/05,22:32:04 +2:00 GMT,192.168.135.1:137,192.168.0.93:137,UDP FWIN,2006/08/05,22:32:04 +2:00 GMT,192.168.36.1:2843,192.168.0.93:139,TCP (flags:S) FWIN,2006/08/05,22:32:06 +2:00 GMT,192.168.135.1:2844,192.168.0.93:139,TCP (flags:S) FWIN,2006/08/05,22:34:24 +2:00 GMT,192.168.36.1:2849,192.168.0.93:139,TCP (flags:S) FWIN,2006/08/05,22:34:24 +2:00 GMT,192.168.135.1:2850,192.168.0.93:139,TCP (flags:S) FWIN,2006/08/05,22:35:30 +2:00 GMT,192.168.36.1:2868,192.168.0.93:139,TCP (flags:S) FWIN,2006/08/05,22:35:30 +2:00 GMT,192.168.135.1:2869,192.168.0.93:139,TCP (flags:S) That is just a few. The first Ip is the intruder, second is my IP. I am not a security expert. Is there a way for me to see or trace or whatever who is doing this? RegardsWell, I'm not an expert either, but have you tried a the tracert? (traceroute)? If you don't know how go to Start ---> Run, type "cmd.exe", and finally type tracert <INTRUDERS IP> What does it SAY? You might be able to find his ISP, and then report him to [email protected] or something of the like. EDIT 1: Nevermind, I guess you won't really be able to trace him because I think your being scanned from within your own network because all the addresses start with 192.168. EDIT 2: I don't really know what this means, but I know that all the IP addresses are Local Network addresses because they start with 192.168. I guess that means that whoever is intruding must be inside the network or something. EDIT 3: It looks like the intruder is scanning your NetBIOS ports probably looking for shared files/printers. As long as you don't have File and Printer Sharing enabled I don't think you have to worry about him getting in that way.It is possible that someone on my network is trying to access my pc. You see, I'm connected to my neighbour. He is running dsl. I get internet through a proxy set up on his pc. He also has an wireless antenae on his roof. So, maybe someone is CONNECTING through that. I know of the tracert command, doesn't work by the way. Isn't there another way of me FINDING out who tried to access me, a piece of software or something? RegardsYou're only as secure as he is, and how you have things set up.Travel here for tons of info on your vulnerabilities and solutions... https://www.grc.com/x/ne.dll?bh0bkyd2 patio. 8-)

Discussion

No Comment Found

Related InterviewSolutions