Continous port scanning

ESET personal firewall log showing a lot of port scanning attacks from source
67.202.28.159.12200. Attacking always . what to do with this??
I checked ip address in http://whatismyipaddress.com
its showing

General Information

Hostname: ec2-67-202-28-159.compute-1.amazonaws.com
ISP: AMAZON.COM
Organization: AMAZON.COM
Proxy: None detected
Type: Corporate

Geo-Location Information

Country: United States
State/Region: FL
City: Miami
Latitude: 25.7615
Longitude: -80.2939
Area Code: 305

 

Hello nikanthpromod,

Do you have any Amazon add-ons or plug-ins installed? This could be some type of communication going to those that is being detected in error.

 

Hello nikanthpromod,

Are you running any type of server (such as an HTTP server)?
From the limited info given, it could be a search engine spider.

 

Hello,

Another possibility might be a program which uses Amazon's Web Services, such as a data backup program which stores your information on the Internet.

Regards,

Aryeh Goretsky

 

No amazon plugins installed, I didnt use any amazon services.
I have Firefox as my web browser and google as my search engine.
But firefox contains amazon search engine but i never used that.

Continously port scanning every time i enter internet.
Ihave ESET SS , WINPATROL , REAL TIME DEFENDER
FIREFOX WITH ADBLOCK PLUS, DOWNLOAD HELPER, SMOOTH WHEEL & JAVA quick starter ADDONS

 

Hello,

If you open a Command Prompt (filename: CMD.EXE) and issue a "netstat -b" command, do you see any programs connecting to 67.202.28.159 on port 12000? If so, which ones? If you are running Microsoft Windows Vista or Windows 7 you may need to open an elevated Command Prompt.

Regards,

Aryeh Goretsky

 

I am getting port scanning from that IP and if you browse it you may notice it doesn't look very amazon like.

There is a file with a list of ip addresses
3 directories alexa, checkcc and spam.

Looks dodgy to me.

Regards
Mark Dormer

 

no. no programs connecting to that ip.

Surprisingly today i didnt receive any attack from that ip.

I think they are tired

 

I scanned my pc(win xp) with Hitman pro , MBAM , SAS , ESET , DR.WEB cureit.
Nothing found. So I think my pc is not infected. Eset blocked port scanning too.

So im not in danger , right??

 

Another prot scanning attack fom 174.129.67.14.12200

General Information

Hostname: ec2-174-129-67-14.compute-1.amazonaws.com
ISP: AMAZON.COM
Organization: AMAZON.COM
Proxy: None detected
Type: Corporate

Geo-Location Information

Country: United States
State/Region: WA
City: Seattle
Latitude: 47.5839
Longitude: -122.2995
Area Code: 206


I think, I receive these attacks when i use Facebook.

 

Dont worry about scans. Most are just automated scans being made against thousands+ of IPs looking for server ports (possible un-patched server software) it is why I asked if you where running a server.

If I set my firewall to log these blocked scans, then I also see hundreds of scans a day. I just ignore them and usually do not log them.


- Stem

 

Hello,

Perhaps an application or service provided by Facebook hosts its data on Amazon.

Regards,

Aryeh Goretsky

 

Thanks for ur replies.