Version: 2008
Advanced Search
advertisement
advertisement

Forum display:

Computer newbies: Need help about an attack I got through ports

by moonthe_sun - 8/11/07 6:12 PM
Post 16 of 18

message in Comodo.....I took the ports he scanned out

by moonthe_sun - 8/14/07 11:10 AM In reply to: Response by JP Bill

I wasn't sure they should be put on display....but if it's not an issue I can repost them....you see the attackers IP...this was listed once in the log.


Date/Time :2007-08-10 07:15:14
Severity :High
Reporter :Network Monitor
Description: UDP Port Scan
Attacker: 192.168.15.1
Ports: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
The attacker has been temporarily blocked

Reply
Permalink
Report offensive post
Post 17 of 18

The IP address you just indiacted is a ...

by Edward ODaniel - 8/18/07 2:03 PM In reply to: message in Comodo.....I took the ports he scanned out by moonthe_sun

non-routable IP address.

There are a few IP addresses that are reserved for private (non-routable) networking, 192.168.0.0, 10.0.0.0, and 172.16.0.0 through 172.31.0.0. Remember that the zeros can be any number from 1 to 254. The most common private network is 192.168.0.0. The ranges are 10.1.1.1 - 10.255.255.254, 172.16.1.1 - 172.31.255.254, 192.168.1.1 - 192.168.255.254 .

Since the one you listed is "Attacker: 192.168.15.1" it would appear to be "someone" on your own network - do you connect through a router? If so is the router secured? I ask because that is what it looks like the situation actually is and indications are that the connection is not secure (in brief, the router is not fully set up and properly configured).

Then too, since that specific IP address is common to VOIP configurations it is quite possible that you are "attacking" yourself.

Reply
Permalink
Report offensive post
Post 18 of 18

the router I have

by moonthe_sun - 8/19/07 2:43 PM In reply to: The IP address you just indiacted is a ... by Edward ODaniel

is a vtech....I have vonage but never considered it not to be secure, but I don't know much about it so I wonder what I should do about that. It said attacker right on the log, not my insertion so I assumed it was a real attacker. It coincided with that jerk who went "through the ports" to make IE unusable until I did a system restore. I assumed he was the "attacker". Kind of confusing.
It hasn't happened again since then, have to learn more about the firewall and understand how it works.

Reply
Permalink
Report offensive post
rss
Forum legend:
Locked Locked thread
Moderator Moderator
CNET staff CNET staff
Samsung staff Samsung staff
Norton Authorized Support team Norton Authorized Support team
AVG staff AVG staff
Windows Outreach team Windows Outreach team
Dell staff Dell staff
Intel staff Intel staff
Powered by Jive Software
Forums
Site map
FAQs
Usage policies
Real time activity
Meet the moderators
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET