Re: [NTO] Security alert
- Hi Julie, alice ttlg,
At 5:28 PM October 12, 2000 Julie wrote:
>I have no clue, except for tracking down the ISP usingThanks!
>Just wondering what firewall you're using :-)?Norton Internet Security 2000
>At 03:39 PM 10/12/2000, you wrote:Correct.
>>Date: 12/10/00 Time: 11:00:53
>>Rule "Default Block Backdoor/SubSeven Trojan" blocked.
>>Inbound TCP connection
>>Remote address,service is (188.8.131.52,1373)
>At 6:54 PM October 12, 2000 alice ttlg wrote:
>Which returns the answer of:
>and Bill, you're on sympatico, right?
>Looks like they're simply pinging you to see if you're still connected.I'm on dsl, thats a first for above ip address, I checked event log for past
>I don't know if you're on dialup or dsl, I'm on dsl and I installed Zone
>Alarm and found that my dsl provider, swbell, pings me regularly, up to a
>dozen times a day. Why they would care, I don't know, since it's an
>always on connection.....
month and used http://swhois.net/ to identify an address for following
sources of similar events that were blocked:
Remote address,service is (184.108.40.206,2649)Unitel Communications,
Remote address,service is (220.127.116.11,2433)Intel, California
Remote address,service is (18.104.22.168,3246) Metrix Interlink
Remote address,service is (22.214.171.124,2690)Moscow Cellular
Remote address,service is (126.96.36.199,2742)EarthLink Network, Inc.
Remote address,service is (188.8.131.52,2789)@Home Network
Remote address,service is (184.108.40.206,3974)Videotron Ltee
Remote address,service is (220.127.116.11,2414)Cogeco Cable Solutions
At a quick glance through the event log it looks like the majority
originated from 18.104.22.168,2433.
Thanks for the help,