View Full Version : 150 ports hit and still coming
April 12th, 2002, 07:39 PM
* * * * * this is one freakest incident to report......after making a few adjustments on some blocks I had....suddenly if I go to <yahoo> or <msn> I get slammed......my firewall is a blur of light with "outbounds" which fortunately are all being filtered and not connecting........a real quick look at my active ports showed ports 2409-2572 active "out".....same port range at either site.......at the <msn> website the inbound connection is from <msn.ca)......at the <yahoo> website is a <yahoo> connection in bound.....
* * * * *as yet I have not had a moment to see just which modified block is causing this.....my cpu is spinning but resources not dropping...........when I block outbound the activity stops........
* * * * definitely this isn't an attack....nor hacker attempt...not trogan or virus.......an definitely the inbound is from the two sites above mentioned.......baffles me! * has never happened before.
* * * * I am mentioning this incident because for me at least its something I've never heard of.......an no I don't drink....LOl * no pink or green little men *LOL
April 12th, 2002, 07:45 PM
* * * * * *OF SPECIAL NOTE
* * * * * *it may be of some interest to note that I "sat" at both wensites 15 minutes each......an the connects did not stop.........it would seem that if I sat there for an hour the connections would continue.
* * * * *further....this does not happen at any other websites I visit......have tested.
April 12th, 2002, 08:01 PM
* * * * an now the plot thickens: * *have just caught one of these nasties.
* * * * *received data from the internet (xx.x.xx.x)
* * * * * * * * * ***(hotmail.com)****
* * *what the heck is this!!!....I don't use <hotmail> am wasn't connected to <hotmail>.......was at the <msn> homepage!!!!
* * * *Paul whats going on....any ideas? * *one thing I had done was take windows update out of start-up...but it wasn't until I messed with my "blocks" that this behavior began........ * *its <hotmail> now being filter it seems.....over a hundred times...my gosh!
April 12th, 2002, 08:05 PM
* * * * * * * * * the reason I "x'ed the url is because it reveals a <hotmail law> * a direct url
April 12th, 2002, 08:24 PM
It's not that easy to get the picture from a distance. Feel free to mail the relevant log to firstname.lastname@example.org and we will have a look at it.
(Weekend is coming up; could well be a reply will take some days - apologies up front).
April 12th, 2002, 08:38 PM
* * * * have now found yet two more:
* * * * one is a <yahoo redirect of some sort)
* * * * the second is another <msn> connection
* * * * this is way over my head.....an wont make any further comments ....it appears I've opened a snake pit
......but in the spirit of fairness only persons in the security community can be the judge...........
* * * for now I will remove the modified blocks so as to easy the burden on my firewall......
* * *
April 12th, 2002, 08:49 PM
* * * * * *Paul
* * * * * I just noticed your post......thank you...
* * * * * ok, I have hand written the urls.....(I never keep logs in firewall) an the urls being revealed are not showing by the usual means...they are being "grabbed" by a way I use........
* * * * * *yes its the weekend....an tomorrow is opening day of trout season here.....I never miss that *LOL
* * * * * * will e mail you the info soon as possible.....as you may remember I never use e mail...but will do so in this case.
* * * * * * there is at least one M$ program connecting that I have never known to be mention anywhere as being a program that connects to a persons computer....
* * * * * *the <hotmail> issue should under no circumstances be happening. * *
* * * * * will just send you the info........
April 12th, 2002, 08:55 PM
catch some for me as well, will you * ;) - throut that is.
You do know your mail will be confidential and safe with us; just send the info you do have.
April 12th, 2002, 09:08 PM
* * * * Paul
* * * * I was already out early today locating the Big ones......last year I was second in state for lagest trout caugh......prior was first in state for largest trout and bass.............have won numerous contests.....now I mostly enjoy helping the kids.....last year I had a nine year lil girl outfishing all the grown men...she won!...an she used an old second hand fishing reel I picked up for $2............some of those grown men still wont talk to me *LOL....
* * * * * Paul.....this is from one man to another.....I would never even for the slighest moment worry or in any way be concerned about sending the e mail.....we go back aways......an I am honored to associate with and know a man such as yourself. * * *An I rarely say that to any man.
* * * * * * * * * * * * Snowman
April 12th, 2002, 09:25 PM
Be assured I do regard your trust as a major compliment - indeed we go back aways; and it has been a pleasure all the way.
As for throut: seems you are sort of a fisher king - I envy you for that!
April 12th, 2002, 11:19 PM
* * * * * Paul
* * * * * you have mail!! * * * if you have any questions...please post here that you sent me mail....I never even check my e mail otherwise.....
* * * * as for the fishing....I have just been lucky. *an really I derive more enjoyment watching others catch the fish. * * each year..year after year...the dads start hollaring at their kids...or the dads show more interest in catching fish than the emotional growth of their children....an soon the kids gather around me..a few words of praise...an a few "your're doing just great" an the kids begin catching more fish than their dads....an the dads stand open-mouth looking at these kids with stringers of trout that they can barely drag or carry.
* * * * I've had as many as eighteen kids lined up along a creek laughing..having a wonderful time....an since I don't have any children of my own...these are moments I cherish.
* * * *sorry about the ot.......hmmmmmmmmm..dads have you hugged your kids today?
April 12th, 2002, 11:57 PM
* * * * Paul
* * * * I have just caugh one of the "big Boys"
* * * * will send who and where to you by mail
* * * * you just may be very surprised.!
* * * *
April 13th, 2002, 06:46 AM
emails have been received. We will look into it.
April 17th, 2002, 02:51 PM
* * * * * * Paul
* * * * * * in case you were to re-read this post....please be advised that I have now modified the modified blocks that were causing the excessive activity...
* * * * * * its an extremely busy day for me so I did not write down the original blocks. *
* * * * * * thank you for your time in this matter.
* * * * * * * * * * * * * * * regards
* * * * * * * * * * * * * * * snowman
April 17th, 2002, 03:25 PM
work in progress!
April 17th, 2002, 05:44 PM
* * * * * *Paul
* * * * * *my only reason for removing the blocks was because the excessive activity was interfering with the "streaming tickers" I use for busness....absolutely no other reason.
* * * * *you most definitely are the right man for the job if there is in fact a job to be done........no doubt about that. * *you have a business and a BB to run....I find it amasing that you find time to do all the things you do.
* * * * anyways...until later
* * * * * * * * Snowman
vBulletin® Copyright ©2000-2013, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2013, Wilders Security Forums