400 attempts to infiltrate my computer in 1 hour?

Discussion in 'Anti-Virus' started by Wizard of Ozz, Nov 23, 2004.

  1. My log from my Pc-cillin anti-virus software told me that in the last
    hour that I was connected via broadband to the internet, my Windows XP
    machine had suffered about 400 illegitimate attempts to access its
    ports. I even had 2 trojans install themselves in my computer as I was
    registering and setting up the pc-cillin software during that hour, so
    it wasn't complete functioning at the beginning.

    How can there be so many attempts to illegally access my computer? Is
    this normal?

    My other computer is a Windows 98 on a phone modem. I practically
    never have problems with it, and I have it on the internet maybe 10
    hours a day, and doing pretty risky stuff, such as file sharing.
     
    Wizard of Ozz, Nov 23, 2004
    #1
    1. Advertisements

  2. I'd say it is unlikely there were 400 separate attempts but rather someone
    or some program was just scanning for open ports or exploitable openings
    on your computer. That isn't uncommon. You shouldn't connect to the
    Internet until you have your firewall enabled, then you won't have to
    worry about such things.
     
    Michael Cecil, Nov 23, 2004
    #2
    1. Advertisements

  3. (Wizard of Ozz) wrote in message My log from my Pc-cillin anti-virus software told me that in the last
    hour that I was connected via broadband to the internet, my Windows XP
    machine had suffered about 400 illegitimate attempts to access its
    ports. I even had 2 trojans install themselves in my computer as I was
    registering and setting up the pc-cillin software during that hour, so
    it wasn't complete functioning at the beginning.

    How can there be so many attempts to illegally access my computer? Is
    this normal?

    My other computer is a Windows 98 on a phone modem. I practically
    never have problems with it, and I have it on the internet maybe 10
    hours a day, and doing pretty risky stuff, such as file sharing.
     
    Wizard of Ozz, Dec 1, 2004
    #3
  4. Actually not that unusual these days

    http://it.slashdot.org/article.pl?sid=04/11/30/1932245&tid=220&tid=172&tid=201
    http://www.usatoday.com/money/industries/technology/2004-11-29-honeypot_x.htm
    http://it.slashdot.org/article.pl?sid=04/08/17/1347214&tid=172

    The problem is that there a re a lot of infected machines out these which
    people either don't know are compromised or don't care. It's a major issue
    and everyone has an opinion who's to blame (I'm keeping my opinion to
    myself). If you can, get all your patches from a safe system and burn them
    to CD before attempting a clean install. then install and patch offline
    before connecting.

    or connect behind a _good_ firewall to download your patches


    --
    Jason Brown
    Microsoft GTSC, IIS

    This posting is provided "AS IS" with no warranties, and confers no
    rights.
     
    Jason Brown [MSFT], Dec 1, 2004
    #4
  5. Wizard of Ozz

    Woody Guest

    At the least I would install a cheap firewall router to block the intrusions
    in your computer. Your software firewall has to process all those intrusions
    eating up processor cycles.....
     
    Woody, Dec 1, 2004
    #5
  6. Wizard of Ozz

    abe Guest

    yes please!
     
    abe, Dec 1, 2004
    #6
  7. Wizard of Ozz

    Damian Guest

    ....and suffer the consequences sometime in the future for having done it.
     
    Damian, Dec 2, 2004
    #7
  8. ....unless those services (which are many) are not required...

    | xmp wrote:
    | >> or connect behind a _good_ firewall to download your patches
    | >
    | > or actually learn how to disable services with known vulns.
    | >
    |
    | ...and suffer the consequences sometime in the future for having done it.
    |
    |
     
    Tom Pepper Willett, Dec 3, 2004
    #8
  9. Actually that's not such bad advice, but having a properly configured
    firewall between you and the net means far less messing about whenever a
    reinstall is required. I regularly build VPC VMs on my home desktop machine
    and I'd get so bored with constantly messing around with services just so I
    could safely connect them to the net. Luckily I have a pretty good firewall
    config (two actually, one fairly open, the other quite tight with one
    machine sitting in between)


    --
    Jason Brown
    Microsoft GTSC, IIS

    This posting is provided "AS IS" with no warranties, and confers no
    rights.
     
    Jason Brown [MSFT], Dec 3, 2004
    #9
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.