"Somebody is scanning your computer."

Discussion in 'Computer Security' started by [email protected], Dec 12, 2005.

  1. NoLuck@All

    [email protected] New Member

    Messages:
    36
    My firewall says "Somebody has scanned your computer. Your computer's UDP ports 4163, 4164, 4165, and 4168 have been scanned from 69.148.41.99.." I dont like the looks of this.
     
  2. LTSPLAY

    LTSPLAY New Member

    Messages:
    34
    im only new at this so the following could be a load of rubbish

    By the looks of it its SBC Internet Services

    correct me if im wrong but does it mean some (or maybe several) host(s) are looking to see if you have any
    ports open that they can
    exploit
    The firewall is just letting you know this is happening.
    I heard its pretty normal to get the odd port scan.


    At least your firewall is picking it up
     
    Last edited: Dec 12, 2005
  3. StrangleHold

    StrangleHold Moderator Staff Member

    Messages:
    19,543
    Do you have a firewall and if so did it say that it stoped it, if so your good to go!!
     
  4. NoLuck@All

    [email protected] New Member

    Messages:
    36
    Didnt say it stopped it but I just found out it said it was minor. So Im not gonna worry.
     
  5. StrangleHold

    StrangleHold Moderator Staff Member

    Messages:
    19,543
    If theres a setting to block it altogather do that next time
     
  6. Jerkstore

    Jerkstore New Member

    Messages:
    351
    do you currently have a router set up??
    if you are connecting through a router then either a) someone on your own LAN is scanning your IP, or b) a machine on your LAN has been compromised

    by the sounds of it...this is unlikely, that you have a router, as your firewall should only pick up external connections, leaving all internal network connections wide open

    your firewall should block these attempts, basically someone is scanning your IP to see if there is any exploitable software active on those ports....sometimes you can run code from these exploits, sometimes a DoS attack followed by a man in the middle attack...just make sure you have a good firewall set up, or get yourself a router
     
  7. NoLuck@All

    [email protected] New Member

    Messages:
    36
    Got a router running to a lap top on another floor of the house.
     
  8. Jerkstore

    Jerkstore New Member

    Messages:
    351
    ok well...are YOU Behind a router??

    btw, the guy scanning you is from Texas and uses Southwestern Bell Internet Service
    For Policy Abuse issues contact: [email protected] [1-800-648-1626]

    If you hide behind a router then your machine isn't open to public attacks unless you put your internal IP in the router's DMZ or he's scanning ports that you are forwarding
     
  9. shupola

    shupola Active Member

    Messages:
    1,029
    and where exactly did you get this info??
     
  10. LTSPLAY

    LTSPLAY New Member

    Messages:
    34
  11. elmarcorulz

    elmarcorulz VIP Member

    Messages:
    6,003
    http://cqcounter.com/whois/


    With this, it also tells you his address and name. Although, tbh, i have no idea if its him. I was going by "custname" and assumiong it was customer name

     
  12. Jerkstore

    Jerkstore New Member

    Messages:
    351
    That is his local ISP's address....
    you can find out more about HIM...but not from a whois, and the mods I'm sure will delete my posts if I tell you any ways ;)

    but you can always call that number and do a little SEing
     
  13. The_One

    The_One New Member

    Messages:
    147
    get a IP blocking program, look up in google. Then block his IP.
     

Share This Page