Port scan of my computer

Discussion in 'Software' started by m79vest36, Nov 8, 2003.

  1. m79vest36

    m79vest36 Corporal

    On my other computer...I am

    Running Win 98 2nd edition, I noticed the blinking sygate icon in my taskbar & opened the security log to investigate. The comment said "someone is scanning my port". The traffic log indicated that it blocked it. What in specific terms does this mean? Blocked TCP info, or blocked my port info, or blocked all info that an intruder has visibility to gain some access to parts of my system? When I backtraced this, the incoming IP address was only identified by *** so I couldn't see who was scanning my port. Does the PRO feature allow me to ID the IP address of who is conducting the scan of my port?

    What specific advantage does the PRO Sygate feature offer over the freeware version?
     
  2. †T-Rex †

    †T-Rex † Specialist

    Vlad would be able to tell you quite a bit about this situation, but to explain the best I can, think of your computer as a house. The doors on that house are ports. Someone scanning your ports is like walking around your house and trying each door to see if it's locked or not. They are basically looking for any open ports on your computer that they may be able to gain access with.

    Since you have a firewall, I'd say it would keep your computer in stealth mode, which basically means that anyone trying to do those kind of things (port scan, ICMP requests, telnet, etc.) will come up with a time out error. I can't remember, but they may receive errors like "destination unreachable, or "no response". To put it in simple terms, stealth mode will "hide" your computer from suspicious acitivies, such as the ones described above. It will seem to the individual trying to get information from your computer that your computer is not there. It will seem as though your IP address is not in use, and they will more than likely give up their efforts.

    As for trying to find out the individual's IP address... it really wouldn't do you much good. There isn't a lot you can do with it, besides possibly contacting the ISP and request to have that individual removed from their services. You'd need to do a nslookup or wait for the other replies I'm sure you'll get and they will probably give you a link that you can put his IP address in and pull up information about his ISP and such. Honestly, I would have thought his ISP would have already noticed his malicious activities by now and kicked him off...
     
  3. Vlad902

    Vlad902 Guest

    Yeah... just testing all connections to you, reporting IPs' is futile. There are many techniques to hide it... FTP bounce attacks, Idle scan, just using nmap on another friends box :), SOCKS proxy, etc. Bassicly a port scan just gives you the open ports, and possibly depending on the port scanner, it can also get your version of windows and/or version of the running programs...



    As for the ISP thing... It's easy to frame others with FTP bounce or Idle scanning... Plus they may use a proxy.. and it's hard to notice that activity when you run a large ISP... And truely you don't know what it's for too... I sometimes nmap other boxes when people ask me to, or for war games, or just cause I'm bored :D
     
  4. m79vest36

    m79vest36 Corporal

    T-Rex...Vlad902, again your replys are most specific, and greatly appreciated! This forum always seems to provide the most detail and when users have questions they need a good answers. Thanks for taking the time.
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds