port scanning attack!

>>BLACKHOLE<< · 12-22-2006, 12:22 PM

hello everyone-
--------------

Someone has probed my port recently, My firewall says it's service 1043. The offending address is 192.168.1.1 Is there away to tell where that probe originated from?

How is it that they are able to see my box, when my firewall is up?
______________________________________________________

I'm trying to get this nix box working correctly as a server, so I can host my own blog and website. It's wireless and I need to know how to secure it. This is like the second time someone probed it, and I think it's the same person or persons!
______________________________________________________
Any suggestion would be appreciated

-------------------------------------

______________________________________________________
>>BLACKHOLE<< | +no knowledge or information can escape my dense gravitational pull<<

~in order to reach the glory of enlightment
_________________________________________
one must first tread the void of darkness~

>>BLACKHOLE<<

2006-(-_+)

acid_kewpie · 12-22-2006, 12:33 PM

probed your port? sounds like a euphamism that...

anyway, 192.168.1.1 is a private LAN address, most likely it's an ADSL router in someone's typical network configuration, so unless you've got your router doing really odd things, it's you. port 1043 is used by BOINC, the system that runs projects like seti@home and those other projects that use your spare cpu cycles...

>>BLACKHOLE<< · 12-22-2006, 06:24 PM

hey whats up kpie-
-----------------

I'm real paranoid about this stuff, being that I'm new to this ya know? How can your own comp probe ports by itself???

I don't know what euphamism means, but it sounds funny.

LOL

Hey Ima look that up!
_________________________________________________________________
>>BLACKHOLE<<

>>BLACKHOLE<<

2006-(-_+)

masterofNanako · 12-23-2006, 10:09 AM

sounds to me like the address of an unconfigured router...
If you check your logs you may find this address reappearing quite frequently,
just watch the activity. IF you find it happening every few seconds or minutes and
every day etc. etc. etc.
it would be a 'NetWorksEverywhere' or D-link router for sure. Comes up all the time for me,
and was a real 'spammer' on my M$xp ZoneAlarm logs! ~8)
Just make sure Pam's nice an' comfy...