3 Port scans... help, please!


Brian2005
September 8th, 2005, 09:06 PM
Hi everyone,

I am using Outpost (latest stable version out which is 2.7 and something I believe) and I was looking up an artist's name in iTunes to buy some music from them when Outpost told me that an Intruder was blocked and it was a port scan. Is this normal for iTunes or?

That was earlier in the day. Tonight, I visited a website called PCpitstop.com to scan my system and how good or bad of condition it's in but I never did the test. I just went off to another webpage. But now, 30 mins later... I get a visual alert saying Intruder blocked, and it was done by PCPitstop.com.

I find this strange... could these be false positives or could these be real attacks?

Thanks, hope someone can relieve my worries over these sudden, odd intrusions.

- Brian

Brian2005
September 8th, 2005, 09:31 PM
12 views... can anyone give me a clue? I just am worried why it would have detected port scans..... ???

bigc73542
September 8th, 2005, 09:32 PM
Better to detect them and block them than not ;)

Brian2005
September 8th, 2005, 09:34 PM
Hey Bigc :), ok true... I have it set to block the intruder for 60 minutes.

CrazyM
September 8th, 2005, 10:36 PM
When trying to determine what you are seeing, complete log entries help. Just xxx the end of your public IP.

Regards,

CrazyM

Brian2005
September 9th, 2005, 03:34 AM
Hi,

Well, I find it very unusual to have such frequent, out of the blue "attacks" because I have a router and I also had Windows Firewall on and never have gotten any alert of anything. The day I install Outpost is the day I've noticed all these windows about different port scans being detected.

One detected to some website that's called: wiltel . com

The others occurred when I was webcamming with a friend on MSN Messenger, and I used the PCFlank Plugin for Outpost "WhoEasy" and they traced back to that website wiltel . com and Microsoft.

Again I just find it odd but any ideas would help. Here is a picture of what I see, I cleared out the IP addresses of the intruders but if a picture with their IP addresses would help, then I have that.

CrazyM
September 9th, 2005, 04:08 AM
Something more along the lines of the following would help:
denied udp 222.141.93.17(47870) -> 154.xx.xxx.xx(1026)
denied udp 222.141.93.17(47870) -> 154.xx.xxx.xx(1027)

It helps to include protocol, source IP/port, destination IP/port. Do the events you are mentioning have all this?

Regards,

CrazyM
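
An added example, not part of the thread and not Outpost's own code: a small Python parser for log lines in the shape CrazyM shows above (protocol, source IP/port, destination IP/port, with masked octets allowed), summarizing which destination ports each source touched. The `scan_ports` threshold of 5 and every sample line other than the two quoted from the post are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Shape taken from the two sample lines in the post above:
#   <action> <proto> <src_ip>(<src_port>) -> <dst_ip>(<dst_port>)
# Octets may be masked with "x", as the post suggests for the public IP.
LINE_RE = re.compile(
    r"^(?P<action>\w+)\s+(?P<proto>\w+)\s+"
    r"(?P<src>[\dx.]+)\((?P<sport>\d+)\)\s*->\s*"
    r"(?P<dst>[\dx.]+)\((?P<dport>\d+)\)$",
    re.IGNORECASE,
)

def parse_line(line):
    """Return the fields of one entry, or None if any field is missing."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    rec["proto"] = rec["proto"].lower()
    rec["sport"], rec["dport"] = int(rec["sport"]), int(rec["dport"])
    return rec

def summarize(lines, scan_ports=5):
    """Group entries by (protocol, source IP) and list the ports each probed.

    scan_ports is an assumed threshold: that many distinct destination
    ports from one source is marked scan_like.
    """
    ports, skipped = defaultdict(set), []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            skipped.append(line)  # incomplete entry: cannot be triaged
        else:
            ports[(rec["proto"], rec["src"])].add(rec["dport"])
    report = {k: {"dports": sorted(p), "scan_like": len(p) >= scan_ports}
              for k, p in ports.items()}
    return report, skipped

# First two lines are quoted from the post; the rest are constructed.
SAMPLE = [
    "denied udp 222.141.93.17(47870) -> 154.xx.xxx.xx(1026)",
    "denied udp 222.141.93.17(47870) -> 154.xx.xxx.xx(1027)",
    *[f"denied tcp 192.0.2.10(4000) -> 154.xx.xxx.xx({p})"
      for p in (21, 22, 23, 25, 80)],
    "Intruder blocked: port scan",  # alert text with no addresses or ports
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Entries that come back in `skipped` are the ones missing the protocol, addresses or ports, which is why an alert popup alone is not enough to tell a false positive from a real scan.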

Brian2005
September 9th, 2005, 04:09 AM
I was looking at the Outpost forum and another person said they had the same problem but they don't think it's anything to worry about. Feel safer using MSN Messenger :)

Brian2005
September 9th, 2005, 04:11 AM
Thank you CrazyM for your help though, and no I do not... not that I see. I was more or less nervous and had to post but not thinking before I should, to check Outpost forum for any known issues and so forth. I apologize, but again, I don't think I need to worry :).

~ Brian

CrazyM
September 11th, 2005, 01:15 AM
-{ Quote: "I apologize, but again, I don't think I need to worry :)." }-
No need to apologize. The idea was to get the detailed logs in order to get a better idea of what you may be seeing and why. If these are just false alarms in Outpost it would be nice to know.

Regards,

CrazyM