Getting scanned

  • Thread starter Outlander
  • Start date
  • Replies: Replies 20
  • Views: Views 2,864
O

Outlander

Regular
Messages
152
Location
NA
ISP
BSNL
Since the past two days I've noticed that my firewall (Comodo) is registering a whole lot of intrusion attempts. Maybe they've been there earlier, but I noticed it only yesterday when the connection broke for no reason two to three times. I thought it was the firewall breaking the connection when it can't handle the stuff, but I'm not sure of this.Anyway, here are the IPs trying to get in:59.95.66.12659.95.8.3959.95.167.3659.95.162.19459.95.23.64and some foreign ones:61.164.113.8161.128.250.689.25.70.252208.94.180.94This might seem normal to some, but the thing I can't understand is that many of these IPs kept scanning even if I reconnected. I mean, I disconnected and reconnected, then even switched the modem off and started it again after a minute, and as soon as I connected the same IPs trying to connect. It could be the ISP doing some kind of scan (though I don't understand what that is), but that would explain the Indian IPs, the other one (61.164.113.81) is a Chinese IP, so how come it pops up all the time? If I reconnect and get another IP then the one scanning me shouldn't be able to find me, right? Or is it that it is scanning a range of IPs and it just happens that my IP even after reconnecting falls into that range?Would appreciate some help here.
 
E

essbebe

MODERATOR
Messages
9,792
Location
NA
ISP
BSNL
59.95.66.126 IN INDIA - - NIB (NATIONAL INTERNET BACKBONE)
59.95.8.39 IN INDIA - - NIB (NATIONAL INTERNET BACKBONE)
59.95.167.36 IN INDIA RAJASTHAN JAIPUR NIB (NATIONAL INTERNET BACKBONE)
59.95.162.194 IN INDIA RAJASTHAN JAIPUR NIB (NATIONAL INTERNET BACKBONE)
59.95.23.64 IN INDIA - - NIB (NATIONAL INTERNET BACKBONE)

Check others.
IP2Location.com - Lookup IP address to Country, State, City, Netblock, Longitude and Latitude
 
A

amitwiz1

Regular
Messages
174
Location
NA
ISP
BSNL Home 500C
What application are you running? Dump Comodo... Get ZoneAlarm
 
B

blu_6779

Regulars
Messages
677
Location
NA
ISP
BSNL
^^comodo is an excellent firewall :frown:mad:op you probably have a trojan that is broadcasting your ip to the world :ashamed:.
 
O

Outlander

Regular
Messages
152
Location
NA
ISP
BSNL
@ Essbebe: I know about finding where the IP belongs, its how a particular IP (and especially from China) keeps finding me that I can't [email protected] amitwiz1: I dumped ZoneAlarm a long time back. Look up the net, the best firewalls are Comodo, Kerio, and [email protected] blu_6779: Could you be a bit more specific? I've run an AV scan but nothing comes up. I doubt there's any infection of any kind. What I'm scared of is that someone has complained about me for downloading movies and that's why I'm getting scanned. But that would explain the Indian IPs (the ISP doing a check), but what about not being able to shake off the foreign IPs even after reconnecting?btw, does anyone know anything about BSNL running scans, the routine ones, and whether they have a particular IP?
 
S

shantam2005

IrRegulars
Messages
562
Location
NA
ISP
Maha Mediacom
My Norton Internet Security 2009 also detected the same IPs, but I just ignored it.
 


O

Outlander

Regular
Messages
152
Location
NA
ISP
BSNL
My Norton Internet Security 2009 also detected the same IPs, but I just ignored it.

Okay, so I'm not the only one facing this problem... Feel a little better now. :dance:

Btw, do you keep detecting these IPs all the time?
 
S

shantam2005

IrRegulars
Messages
562
Location
NA
ISP
Maha Mediacom
Ya whenever I check the History, it shows me many blocked attempts to connect to my computer, and many of them are International Ips. I have tried formatting my drive to remove any malware that was causing this but still the problem exists, thats why I just ignore it now.
 
B

blu_6779

Regulars
Messages
677
Location
NA
ISP
BSNL
I don't think you need to worry cos it seems your firewall successfully blocks them...Also, do enable your router's firewall if you haven't already...
 
O

Outlander

Regular
Messages
152
Location
NA
ISP
BSNL
Also, do enable your router's firewall if you haven't already...

I'm not sure if my router's firewall is enabled or not. In the Firewall section, I had made a few changes so that it is at present:

Black List Status: enabled
Block Duration: 10 minutes
Use Attack Protection: allow
Use Dos Protection: allow
Max Tcp Open Handshaking Count: 100
Max ICMP Count: 100
Max Host Count: 30

But in the separate NAT section, UPNP settings shows the status as disabled.
 
E

essbebe

MODERATOR
Messages
9,792
Location
NA
ISP
BSNL
1.Run ccleaner from filehippo.com.2.Does the FW specify the port, when these websitestry to access your computer ?
 
O

Outlander

Regular
Messages
152
Location
NA
ISP
BSNL
These three are the only ports which are scanned: 445, 135, 139.
 
S

superprash2003

Regulars
Messages
1,928
Location
NA
ISP
bsnl dataone
its mostly a virus looking for a computer to spread.. as its targetting 139 which is used by windows file sharing!!
 
O

Outlander

Regular
Messages
152
Location
NA
ISP
BSNL
I tried this one here:

Open Port Check Tool

For port 445 it says no route could be found, for 135 it says connection was timed out and for 139 it says connection was refused.
 

Similar threads