Loading ...
Sorry, an error occurred while loading the content.

Re: [NTO] Security alert

Expand Messages
  • Bill
    Hi Julie, alice ttlg, ... Thanks! ... Norton Internet Security 2000 ... Correct. ... I m on dsl, thats a first for above ip address, I checked event log for
    Message 1 of 4 , Oct 12, 2000
    • 0 Attachment
      Hi Julie, alice ttlg,

      At 5:28 PM October 12, 2000 Julie wrote:

      >I have no clue, except for tracking down the ISP using


      >Just wondering what firewall you're using :-)?

      Norton Internet Security 2000

      >At 03:39 PM 10/12/2000, you wrote:

      >>Date: 12/10/00 Time: 11:00:53
      >>Rule "Default Block Backdoor/SubSeven Trojan" blocked.
      >>Inbound TCP connection
      >>Remote address,service is (,1373)

      >At 6:54 PM October 12, 2000 alice ttlg wrote:

      >Which returns the answer of:
      >Server: localhost
      >Name: HSE-MTL-ppp63044.qc.sympatico.ca
      >and Bill, you're on sympatico, right?


      >Looks like they're simply pinging you to see if you're still connected.
      >I don't know if you're on dialup or dsl, I'm on dsl and I installed Zone
      >Alarm and found that my dsl provider, swbell, pings me regularly, up to a
      >dozen times a day. Why they would care, I don't know, since it's an
      >always on connection.....

      I'm on dsl, thats a first for above ip address, I checked event log for past
      month and used http://swhois.net/ to identify an address for following
      sources of similar events that were blocked:

      Remote address,service is (,2649)Unitel Communications,
      Remote address,service is (,2433)Intel, California
      Remote address,service is (,3246) Metrix Interlink
      Remote address,service is (,2690)Moscow Cellular
      Remote address,service is (,2742)EarthLink Network, Inc.
      Remote address,service is (,2789)@Home Network
      Remote address,service is (,3974)Videotron Ltee
      Remote address,service is (,2414)Cogeco Cable Solutions

      At a quick glance through the event log it looks like the majority
      originated from,2433.

      Thanks for the help,
    Your message has been successfully submitted and would be delivered to recipients shortly.