Flare Sci-fi Forums
Flare Sci-Fi Forums Post New Topic  New Poll  Post A Reply
my profile | directory login | search | faq | forum home

  next oldest topic   next newest topic
» Flare Sci-Fi Forums » Community » Officers' Lounge » Internet Security Problem, PLEASE HELP!!

   
Author Topic: Internet Security Problem, PLEASE HELP!!
BlueElectron
Active Member
Member # 281

- posted      Profile for BlueElectron     Send New Private Message       Edit/Delete Post   Reply With Quote 
Guys and ladies, recently I've been logging a lot of "alerts" on my ZoneAlarm (like 45 entries in less an hour).

There're all like "TCP Flag: S" directing against various TCP ports. The thing that cause me some concern is that all these entries are almost all from the same block, the "24.66...,24.63..., and 24.67...".

I have WinMX and Napigator, can this have something to do with these programs? Although one thing to point out is that almost all entries were logged after I disconnected from these program.

Now, should I be freaking out here?? Or is this like a everyday occurance??

Help from our resident computer wizzards are greatly appreciated in advance!

[ August 06, 2001: Message edited by: BlueElectron ]



--------------------
"George Washington said, 'I cannot tell a lie.'
Richard Nixon said, 'I cannot tell the truth.'
Bill Clinton said, 'I cannot tell the difference.'"

-- comedian TOM SMOTHERS, from his latest stage act with brother DICK SMOTHERS.
Registered: Jan 2000  |  IP: Logged
Fabrux
Epic Member
Member # 71

- posted      Profile for Fabrux     Send New Private Message       Edit/Delete Post   Reply With Quote 
That happened to me once. Then I made ZA log intrusion attempts and disabled the warning thingy. ZA won't let anything through. I checked through the log once and found over 200 consecutive attempts from the same block of IP addresses. *shrug*

--------------------
I haul cardboard and cardboard accessories
Registered: Mar 1999  |  IP: Logged
BlueElectron
Active Member
Member # 281

- posted      Profile for BlueElectron     Send New Private Message       Edit/Delete Post   Reply With Quote 
Oh my god, I've logged 230 entries while I was away for work!

It would be a good time for me to freak out now.

Just a week ago, I get like 10 entries max a day!

--------------------
"George Washington said, 'I cannot tell a lie.'
Richard Nixon said, 'I cannot tell the truth.'
Bill Clinton said, 'I cannot tell the difference.'"

-- comedian TOM SMOTHERS, from his latest stage act with brother DICK SMOTHERS.

Registered: Jan 2000  |  IP: Logged
Cartman
just made by the Presbyterian Church
Member # 256

- posted      Profile for Cartman     Send New Private Message       Edit/Delete Post   Reply With Quote 
Don't worry. TCP requests (short for Transmission Control Protocol) aren't harmful in any way. Your firewall intercepts them because they are foreign in origin. The TCP protocol is used for data transmission (hence the name), which is an integral component of computer networking theory. Programs like KaZaa, WinMX, et all cannot function without it. To cut a long story short: a TCP request (in this case, that is) is nothing more than an instruction (sent by another computer) telling your PC to start transferring a file.

Now, the reason why you keep getting these requests even after you've shutdown the program itself is that your PC, to the rest of the "network", appears to still be online. The networks these programs connect to do not dynamically update your PC's status, so any search that is done will continue to turn up a positive match if you were sharing that search-item. Your computer - or rather, its "idle ghost image" - seemingly remains connected: the network still acknowledges your PC presence, even though it isn't really "there" anymore. It takes a while before the networks catch up, especially if there are many users online.

[ August 07, 2001: Message edited by: My Publically Displayed Name ]



--------------------
".mirrorS arE morE fuN thaN televisioN" - TEH PNIK FLAMIGNO
Registered: Nov 1999  |  IP: Logged
BlueElectron
Active Member
Member # 281

- posted      Profile for BlueElectron     Send New Private Message       Edit/Delete Post   Reply With Quote 
Thanks for the tip, it was very informative!

--------------------
"George Washington said, 'I cannot tell a lie.'
Richard Nixon said, 'I cannot tell the truth.'
Bill Clinton said, 'I cannot tell the difference.'"

-- comedian TOM SMOTHERS, from his latest stage act with brother DICK SMOTHERS.
Registered: Jan 2000  |  IP: Logged
TSN
I'm... from Earth.
Member # 31

- posted      Profile for TSN     Send New Private Message       Edit/Delete Post   Reply With Quote 
Either that, or someone's trying to DDoS you, and doing a really really really crappy job of it. *L*

And, before you start worrying, that was a joke. :-)

Registered: Mar 1999  |  IP: Logged
Charles Capps
We appreciate your concern.
It is noted and stupid.
Member # 9

- posted      Profile for Charles Capps     Send New Private Message       Edit/Delete Post   Reply With Quote 
Ignore the flags bit.

It's all in the port they're trying to reach.

Unless you've been living under a rock for the past month, there's a worm going out there that tries to infect Windows NT/2000 machines running IIS.

Connections to port 80 are 99.9% of the time that worm.

The 24.* block belongs to @home and other cable services.

In other words, there are tens of thousands of @home users infected, and they are slowly scanning the net, looking for open boxes...

Registered: Mar 1999  |  IP: Logged
PsyLiam
Hungry for you
Member # 73

- posted      Profile for PsyLiam     Send New Private Message       Edit/Delete Post   Reply With Quote 
Regarding that code red thingy, or whatever it was called. Did it seem to have the overall effectiveness of trying to stop the Hulk by throwing a paper aeroplane at him? Or, more accuratly, the effectiveness of the amazingly scary millenium bug?

--------------------
Yes, you're despicable, and... and picable... and... and you're definitely, definitely despicable. How a person can get so despicable in one lifetime is beyond me. It isn't as though I haven't met a lot of people. Goodness knows it isn't that. It isn't just that... it isn't... it's... it's despicable.
Registered: Mar 1999  |  IP: Logged
BlueElectron
Active Member
Member # 281

- posted      Profile for BlueElectron     Send New Private Message       Edit/Delete Post   Reply With Quote 
Another informative message, thanks Capps!

Regarding the "worm", when will it stop?

[ August 08, 2001: Message edited by: BlueElectron ]



--------------------
"George Washington said, 'I cannot tell a lie.'
Richard Nixon said, 'I cannot tell the truth.'
Bill Clinton said, 'I cannot tell the difference.'"

-- comedian TOM SMOTHERS, from his latest stage act with brother DICK SMOTHERS.
Registered: Jan 2000  |  IP: Logged
PsyLiam
Hungry for you
Member # 73

- posted      Profile for PsyLiam     Send New Private Message       Edit/Delete Post   Reply With Quote 
No, when will it start?

--------------------
Yes, you're despicable, and... and picable... and... and you're definitely, definitely despicable. How a person can get so despicable in one lifetime is beyond me. It isn't as though I haven't met a lot of people. Goodness knows it isn't that. It isn't just that... it isn't... it's... it's despicable.
Registered: Mar 1999  |  IP: Logged
   

Quick Reply
Message:

HTML is enabled.
UBB Code™ is enabled.

Instant Graemlins
   


Post New Topic  New Poll  Post A Reply Close Topic   Feature Topic   Move Topic   Delete Topic next oldest topic   next newest topic
- Printer-friendly view of this topic
Hop To:


© 1999-2024 Charles Capps

Powered by UBB.classic™ 6.7.3