Sygaten palomuuri ilmoitti tällaisesta...Mitä meinaa???tai siis ymmärrän mutta kuka scannaa?!? onko tullut vastaan? Somebody is scanning your computer. Your computer's TCP ports: 1433, 5900, 1025, and 135 have been scanned from **.***.***.***
kyseessä on siis ripe.net... tuollaista sain irti palomuurista. % This is the RIPE Whois query server #2. % The objects are in RPSL format. % % Note: the default output of the RIPE Whois server % is changed. Your tools may need to be adjusted. See % http://www.ripe.net/db/news/abuse-proposal-20050331.html % for more details. % % Rights restricted by copyright. % See http://www.ripe.net/db/copyright.html % Note: This output has been filtered. % To receive output for a database update, use the "-B" flag % Information related to '88.192.0.0 - 88.192.255.255' inetnum: 88.192.0.0 - 88.192.255.255 netname: SONERA-FINLAND-BBNET descr: Broadband access pool descr: TeliaSonera Finland Oyj country: FI admin-c: MP5226-RIPE tech-c: SIH3-RIPE status: ASSIGNED PA remarks: --------------------------------------------------------- remarks: Please send abuse and spam notifications to abuse@inet.fi remarks: --------------------------------------------------------- mnt-by: DATANET-NOC source: RIPE # Filtered role: Sonera Inet Hostmaster address: TeliaSonera Finland address: Vetu/SMO/Access/Hostmaster address: PL 106 address: 00051 SONERA phone: +358 2040 1 fax-no: +358 2040 69100 remarks: trouble: Please send abuse and spam notifications to abuse@inet.fi remarks: trouble: General information: http://www.sonera.com/ admin-c: KE351-RIPE tech-c: HE740-RIPE abuse-mailbox: abuse@inet.fi nic-hdl: SIH3-RIPE mnt-by: DATANET-NOC source: RIPE # Filtered person: Marko Perala address: PL 710 address: 00051 SONERA address: Finland phone: +358 20401 nic-hdl: MP5226-RIPE mnt-by: DATANET-NOC source: RIPE # Filtered % Information related to '88.192.0.0/14AS5515' route: 88.192.0.0/14 descr: DN-088192-BLOCK origin: AS5515 remarks: --------------------------------------------------------- remarks: Please send abuse and spam notifications to abuse@inet.fi remarks: --------------------------------------------------------- mnt-by: DATANET-NOC source: RIPE # Filtered
Samanlainen porttien skannaus ilmoitus tuli mullekin juuri. Sygaten palomuuri käytössä. Eka samasta ip:stä: Portscan; severity minor; protocol tcp 30 sek. myöhemmin: Active response; severity major; protocol none Pitäskö tehdä jotain, vai onko normaalia? log: Somebody is scanning your computer. Your computer's TCP ports: 1433, 135, 5900, and 139 have been scanned from 91.152.251.181.. % This is the RIPE Whois query server #2. % The objects are in RPSL format. % % Note: the default output of the RIPE Whois server % is changed. Your tools may need to be adjusted. See % http://www.ripe.net/db/news/abuse-proposal-20050331.html % for more details. % % Rights restricted by copyright. % See http://www.ripe.net/db/copyright.html % Note: This output has been filtered. % To receive output for a database update, use the "-B" flag % Information related to '91.152.0.0 - 91.152.255.255' inetnum: 91.152.0.0 - 91.152.255.255 netname: ELISA-ADSL descr: Elisa Oyj country: FI admin-c: KH-RIPE tech-c: KH-RIPE status: ASSIGNED PA mnt-by: ELISA-MNT source: RIPE # Filtered role: Elisa Hostmaster address: Elisa Oyj admin-c: KH-RIPE tech-c: KH-RIPE nic-hdl: KH-RIPE abuse-mailbox: abuse@elisa.fi mnt-by: ELISA-MNT source: RIPE # Filtered % Information related to '91.152.0.0/13AS719' route: 91.152.0.0/13 descr: Elisa Oyj origin: AS719 mnt-by: ELISA-MNT source: RIPE # Filtered Niin, ja huomasin että samoja portteja nuuskitaan mullakin. 1433, 5900 ja 135 . Mitähän portteja nää on ?
Java9 -> Lataa Hijackthis: http://koti.mbnet.fi/pattaya1/HijackThis.exe -> Tallenna hakemistoon C:\hjt -> Käynnistä HijackThis ja klikkaa: do a system scan and save a logfile. -> Lähetä ilmestynyt logisi AfterDawn:n Virukset ja haittaohjelmat-osioon: http://keskustelu.afterdawn.com/forum_view.cfm/151 Aloita uusi viestiketjusi ja kerro ongelmasta sekä liitä HijackThis logi mukaan! Odota rauhassa apua.
