WVbeekeeper
01-30-2008, 01:42 AM
Someone is trying to access my computer. It was happening a while ago a few times and this is what my firewall said;
*Your Firewall* prevented a remote computer from connecting to port 1080 on your computer. This connection attempt was probably a port scan attempting to locate unprotected or misconfigured proxy servers. To learn more about port scans, see the Details tab.
After clicking the details tab it said;
"This alert was probably caused by a port scan aimed at locating unprotected or misconfigured proxy servers.
Proxy servers are popular targets for hackers because they can be used as anonymous relay points, protecting the hacker's identity. They can also be used to circumvent hardware-based firewalls.
About Port Scans
Port scanning means using an automated tool to systematically try to connect to every port on a computer. While port scans have some legitimate uses, hackers use them to look for unprotected computers with unguarded ports, typically scanning random blocks of Internet addresses.
Successful port scans can retrieve a variety of information about a computer, such as its operating system and the programs it is running. Because you are using *Your Firewall*, your computer remains invisible to port scans. Hackers performing scans do not even know your computer exists, because no information is returned by the scan."
After clicking on the Hacker ID tab this pops up;
Details about 220.242.7.9, the IP address of the computer that caused the alert you received from *Your Firewall*, are provided in the *Who is* report below. The information in the *Who is* report comes from the Regional Internet Registry (RIR) for the region where 220.242.7.9 is located: ARIN, RIPE, LACNIC or APNIC. The name of the RIR appears in the *Who is* report.
The *Who is* report includes the name, address and contact information for the Internet Service Provider (ISP) that administers the block of IP addresses that contains 220.242.7.9. The report probably does not list the administrator of the specific computer at IP address 220.242.7.9.
You should not assume that individuals listed in this report are responsible for the alert you received on your computer.
Of course I got a map of the location of the IP address block but that's about as far as I can get;
"This map is our best attempt to provide information about the physical location of IP address 220.242.7.9. It may not correspond to the location of any administrative contacts for this IP address."
I also reported it. The only weird thing about it is that when I was logged on earlier they tried then about four or five times before I logged out. I was logged out for a while and had no other warnings. When I logged back in I almost immediately got the warning and have had three more while typing this. My computer is safe and they have not breached the firewall. What I would like to know is why is it only happening while I'm logged in here and no where else. Barry, I was just wanting you know and ask can you do something about it or do you have any suggestions for anything else I can do on my end?
*Your Firewall* prevented a remote computer from connecting to port 1080 on your computer. This connection attempt was probably a port scan attempting to locate unprotected or misconfigured proxy servers. To learn more about port scans, see the Details tab.
After clicking the details tab it said;
"This alert was probably caused by a port scan aimed at locating unprotected or misconfigured proxy servers.
Proxy servers are popular targets for hackers because they can be used as anonymous relay points, protecting the hacker's identity. They can also be used to circumvent hardware-based firewalls.
About Port Scans
Port scanning means using an automated tool to systematically try to connect to every port on a computer. While port scans have some legitimate uses, hackers use them to look for unprotected computers with unguarded ports, typically scanning random blocks of Internet addresses.
Successful port scans can retrieve a variety of information about a computer, such as its operating system and the programs it is running. Because you are using *Your Firewall*, your computer remains invisible to port scans. Hackers performing scans do not even know your computer exists, because no information is returned by the scan."
After clicking on the Hacker ID tab this pops up;
Details about 220.242.7.9, the IP address of the computer that caused the alert you received from *Your Firewall*, are provided in the *Who is* report below. The information in the *Who is* report comes from the Regional Internet Registry (RIR) for the region where 220.242.7.9 is located: ARIN, RIPE, LACNIC or APNIC. The name of the RIR appears in the *Who is* report.
The *Who is* report includes the name, address and contact information for the Internet Service Provider (ISP) that administers the block of IP addresses that contains 220.242.7.9. The report probably does not list the administrator of the specific computer at IP address 220.242.7.9.
You should not assume that individuals listed in this report are responsible for the alert you received on your computer.
Of course I got a map of the location of the IP address block but that's about as far as I can get;
"This map is our best attempt to provide information about the physical location of IP address 220.242.7.9. It may not correspond to the location of any administrative contacts for this IP address."
I also reported it. The only weird thing about it is that when I was logged on earlier they tried then about four or five times before I logged out. I was logged out for a while and had no other warnings. When I logged back in I almost immediately got the warning and have had three more while typing this. My computer is safe and they have not breached the firewall. What I would like to know is why is it only happening while I'm logged in here and no where else. Barry, I was just wanting you know and ask can you do something about it or do you have any suggestions for anything else I can do on my end?