Re: Can anyone help me ID who is trying to hack my system?
Quoting Alderbrook (joybrad@sisqtel.net):
> Can anyone help me identify who is trying to get into my system?
>
> 9/1/03 7:14:51 PM Deny unknown 1080 TCP 64.222.178.231 64.222.178.231
> 9/1/03 7:14:50 PM Deny unknown 1080 TCP 64.222.178.231 64.222.178.231
> 9/1/03 7:14:49 PM Deny unknown 1080 TCP 64.222.178.231 64.222.178.231
> 9/1/03 7:14:32 PM Deny unknown 1080 TCP 64.222.178.231 64.222.178.231
> 9/1/03 7:14:32 PM Deny unknown 5490 TCP 64.222.178.231 64.222.178.231
> 9/1/03 7:14:32 PM Deny unknown 6588 TCP 64.222.178.231 64.222.178.231
> 9/1/03 7:14:32 PM Deny unknown 3128 TCP 64.222.178.231 64.222.178.231
> 9/1/03 7:14:32 PM Deny Web Sharing 80 TCP 64.222.178.231 64.222.178.231
> 9/1/03 7:14:32 PM Deny unknown 8080 TCP 64.222.178.231 64.222.178.231
[...]
As Noah says, someone's just twisting your system's doorknobs, looking
for vulnerable services. The probe on 57/tcp is probably trying to
fingerprint the TCP/IP stack by trying to connect to a port that's
almost never used for anything, and profiling your system's response to
determine the OS.
You can worry about all this, if you want, but then you're going to be
upset multiple times a day, 365 days a year. ;->
--
This message falsely claims to have been scanned for viruses with F-Secure
Anti-Virus for Microsoft Exchange and to have been found clean.
Reply to: