Network Attacks!

ronscores

Newbie
[OP]
Regulars
Mar 25, 2005
58
0
hi,

have XP with SP2..
installed Kaspersky Beta 2006 and was shocked to see abt 2 network attacks per hour of logging on to the net..
I mean 'twas only kaspersky which detected it and repelled it..
I'm thankful i d'loaded Kaspersky..
BTW.. i'm attaching the screenshot..
http://img298.imageshack.us/img298/3502/attack26ol.png
Here's the thumbnails..
http://img298.imageshack.us/my.php?image=attack26ol.png
are network attacks common in Airtel Broadband? and any other antivirus program would surely not have recognized it!
 

blr_p

Regulars
Regulars
May 26, 2005
3,934
13
3 of those IPs resolved to Airtel addresses, i'd say they are prolly infected with some worm and looking for company ;)A decent firewall (Zonealram or similar) should be good enough to deal with it.
 

ronscores

Newbie
[OP]
Regulars
Mar 25, 2005
58
0
hey .. dont u ppl in bangaore have such problems?And aint these harmful?lovesan & LSASS exploit are frequent!Would anyone here recommend the inbuilt Windows firewall (inbuilt in XP with SP2)??i thought only kaspersky detected it!and btw is ZoneAlarm free?
 


blr_p

Regulars
Regulars
May 26, 2005
3,934
13
I'm not seeing this attack as i'm using the ethernet modem they gave me. It's set up to work as a NAT, ie it doe snot allow anything form the outside in unless the connection was previouslyt initiaitef form the inside. This has proven to be a problem for ppl that want to setup servers as the Airtel modem does not port forward properly. THe ports mentioned in ur pic are for netowrk shares on windows, very common for them to be attacked for vulnerbilities.I'm not sure if the USB version acts as a NAT. Zonealarm is free for personal use and is regularly updated., quite easy to setup and works well. I hear Kapersky is good as well.I would disable the XP firewall, and instead rely on either of the above two for sake of your sanity.
 

coolbuddy_79

The Coolest One!!!
Regulars
Jan 30, 2005
3,509
27
lsass - lsass.exe - Process Information

Process File: lsass or lsass.exe
Process Name: Local Security Authority Service

Description:
lsass.exe is a system process of the Microsoft Windows security mechanisms. It specifically deals with local security and login policies.

Note: lsass.exe also relates to the Windang.worm, irc.ratsou.b, Webus.B, MyDoom.L, Randex.AR, Nimos.worm which spread via floppy disk drives, mass-mailing and peer-to-peer sharing. Please review file path for clarification of this.


Author: Microsoft Corp.
Part Of: Microsoft Windows Operating System

System Process: Yes
Background Process: Yes
Uses Network: Yes
Hardware Related: No
Common Errors: N/A
Memory Usage: N/A

Security Risk (0-5): 0
Spyware: No
Adware: No
Virus: No
Trojan: No

so i really wonder if it's really a security threat :unsure:

but "helkern" for sure is something you should worry about...

know more here
 


GAURAV7777

Regular
Regulars
Dec 15, 2004
556
0
well if u have xp sp2then u r protected against lsass exploitand these cases are just are worm trying to spread itself so my suggestion is just have a firewall like the one u r using or zone set to highest level and just relax
 

GAURAV7777

Regular
Regulars
Dec 15, 2004
556
0
almost forgot this kaspersky thing is way better than zoneatleast it tells people which exploit is being targeted than the zone alarm which just gives the technical infodoes it comes bundled with that antivirus or just the firewall alone
 

Supreme

Newbie
Regulars
Jan 27, 2005
86
0
You be on any network , attacks are bound to happenBetter to keep the system fully patched, have an antivirus & firewall updated. Stop all services you dont require.It is not that a LAN is insecure, rather if you have a public ip you are more insecure.
 

Similar threads