[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
psutton wrote: | Hi | | I was hit by a few back door viruses namely Analftp and | Osdii16.vbs | | I thought something was odd when the web link was just a blank page which | reproduced it's self loads of times, so I reset my computer and checked | msconfig when I noticed Windows trying to update files and run a script | after login. I am using zonealarm and seem to be getting hits all the time | in terms of blocks, using NetBios, I am not even using this as it's not | even installed I have TCP/IP installed for my local network, | | I am not sure how secure my system is now, zonealarm seems to be confusing | to set up, The output from zonealarm is as follows: | | | The firewall has blocked Internet access to your computer (HTTP) from | 204.203.50.110 (TCP Port 2170) [TCP Flags: S]. | | User: paul | Program: YServer Module | Time: 18/11/02 18:18:08 | | and | | The firewall has blocked Internet access to your computer (ICMP Time | Exceeded) from 195.92.66.2. | | Occurred: 6 times between 18/11/02 18:36:52 and 18/11/02 18:37:26 | | | anyone know what this means, I guess it's possible to trace back the above | ip address, to the original packet sender, but this is beyond me slightly. I | sort of understand it | | thanks for any help, I am trying to dig out my port list file which may | help indicate waht some of these ports relate to. | | Paul |
You wanna get an ISP that provides a firewall for you mate.. i got one ;-) (another sales pitch for ANLX.Net)
Neil -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux)
iD8DBQE92oUTETbMU8Wu6mERApHDAJ47kOO8Hust4XP9pqFxJlgCMJa8+ACfejVI C7TaqSzfe/stbST8h79igvQ= =TN34 -----END PGP SIGNATURE-----
-- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.