|
| | | New Member
Group: Forum Members
Last Login: 7/24/2008 1:29 PM
Posts: 55, Visits: 117 |
| | Dear Richie Hi! Hope u're keeping well. For a while now, i've managed to run my system without having any virus on it. However, off late, i've started getting messages from sygate that "Somebody is scanning your computer.
Your computer's TCP ports:
6588, 1080, 8080, and 8000 have been scanned from 118.168.156.153.." "Somebody is scanning your computer.
Your computer's TCP ports:
3124, 4480, 50050, and 8080 have been scanned from 118.161.243.89.." Somebody is scanning your computer.
Your computer's TCP ports:
6588, 1080, 8080, and 8000 have been scanned from 118.168.148.196.. and a lot more of these... Could you please advise what could be resulting in this. I'm on a wireless network, XP Pro SP2. I've run kaspersky/webroot spyware but found no traces. Please help Thanks S |
| |
| | | 
Senior Forum Moderator
Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 29,533, Visits: 54,734 |
| Do you recognise the following details as your ISP,if you do you've nothing to be concerned about.
inetnum: 118.168.0.0 - 118.171.255.255
netname: HINET-NET
country: TW
descr: CHTD, Chunghwa Telecom Co.,Ltd.
descr: Data-Bldg.6F, No.21, Sec.21, Hsin-Yi Rd.
descr: Taipei Taiwan 100
_______________________________________________
ASAP & UNITE member since 2006
 
|
| |
| | | New Member
Group: Forum Members
Last Login: 7/24/2008 1:29 PM
Posts: 55, Visits: 117 |
| | Thank you for your reply richie I do not recogonise the details u've sent me. The current IP address that i of 220.224 series and can never be in the 118 series. Also, the country can't be TW. It has to be IN. Please help Thanks S |
| |
| | |
Senior Forum Moderator
Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 29,533, Visits: 54,734 |
| While your pc is being scanned just like everyone else's is from time to time,you're perfectly safe while Sygate is blocking them,this is why the use of a firewall is so important.
If you're still concerned,then do the following,lets see if anything turns up.
Download Trend Micro HijackThis 2.0.2 to your desktop:
Double click on HJTInstall.exe,it will prompt you to extract hijackthis.exe to C:\Program Files\Trend Micro\HijackThis.
When the install is complete,HijackThis will automatically launch.
When the license agreement appears,select "I Accept" and then click on the "Do a system scan only" button.
When the scan is complete,click on the "Save Log" button,then save it to your desktop.
Copy and paste the entire contents of that log into a new topic in the HijackThis Logs forum, not here.
_______________________________________________
ASAP & UNITE member since 2006
|
| |
| | | 
Forum Moderator
Group: Moderators
Last Login: 8/8/2008 6:28 AM
Posts: 2,787, Visits: 7,025 |
| The goal of the firewall is to prevent remote computers from accessing yours and provide an alert of any unrequested traffic that was blocked along with the IP address.
Firewall alert messages are a response to unrequested traffic from remote computers. These alerts are often classified by the network port they arrive on and allow you to see the activity of what is happening on your firewall. The alerts allow the firewall to notify you in various ways about possible penetration and intrusion attempts on your computer. It is not unusal for a firewall to provide numerous alerts regarding such attempted access. Botnets and Zombie computers scour the net and will randomly scan a block of IP addresses. These infected computers are searching for vulnerable ports and make repeated attempts to access them. As RichieUK says, your firewall is doing its job by blocking this kind of traffic and alerting you about these intrusion attempts. If the alerts become too annoying, you should be able to go into your firewall settings and turn them off (Hide notification messages).
__________________________________________
"THE BAD GUYS DON'T NEED A SEARCH WARRANT. ARE YOU PROTECTED?"
Microsoft MVP - Windows Security 2007-2009  |
| |
| | | New Member
Group: Forum Members
Last Login: 7/24/2008 1:29 PM
Posts: 55, Visits: 117 |
| | Hey Richie and Quiteman7. Thank you for sharing your knowledge with me. However, this never happened when i was on LAN. The day i moved to a wireless connection, this started happening. Could this be the reason? Also, if the firewall is blocking it, then why does it show as "Allowed" in the traffic log? shouldn't it be "blocked'. I'm sorry if this is a stupid question. Just tryin to learn at the same time. Thanks S PS: i"ve posted a hijack log in the appropriate forum as well for your expert opinion. |
| |
|
|
