hi, in this screenshot all the 80.42's are on the same ISP as me so they must be worms, right?

so the 201.7.41.3 must be a script kiddie or someone being controled by one, but not lightly, is that correct?

it doesn't matter i worked it out.

-{ Quote: "hi, in this screenshot all the 80.42's are on the same ISP as me so they must be worms, right?

so the 201.7.41.3 must be a script kiddie or someone being controled by one, but not lightly, is that correct?" }-
That would be a reasonable assumption, worm/virus activity from compromised systems. It is not unusual to see higher amounts of these types of scans from within your ISP's subnet.

-{ Quote: "it doesn't matter i worked it out." }-
Care to share your findings?

Regards,

CrazyM

-{ Quote: "That would be a reasonable assumption, worm/virus activity from compromised systems. It is not unusual to see higher amounts of these types of scans from within your ISP's subnet.


Care to share your findings?

Regards,

CrazyM" }-
i just thought it depends which port it is. if it's the netBios ports then it's a hacker, if it's a common file sharing port then the address might have belonged to a file sharer before you. so it depends which port it is. if you see it going through your ports then it's a hacker again. but, it could be a zombie lol not lightly though!

so i have no idea about that scan ??? it was just a single netbios port, maybe a slow scan, but that would be stupid on a dhcp connection. i don't know. if i had to guess i'd say a silly script kiddie. what do you think?

OK it's definately someone trying to hack, they sent one UDP datagram to see what the reply was, if they got a reply they may have tried something else. maybe not a silly script kiddie then.