Intrusions by ISP

The greatest number of hits on my ZAP logs are from my ISP - IP Protocl 89 and 103 being the most recent.  There seems to be an enormous number of different types of intrusions - ICMP, Finger, UDP, etcetera.  Either that or I'm being probed by other users on my ISP's network.  Is that likely?  Why would my ISP try so many different ways to probe me?  I've noticed similar things with CompuServe too, when I've used it as an ISP - mostly probes from CompuServe France.

I'm sure this is all so-called 'background noise' but what's it trying to achieve?  

 

Checkout - It's one of the big mysteries for me as well. It's the same thing as you described and it drives me crazy. There's hardly a minute when my activity light isn't buzzing with activity. I am not into that and don't understand it all, but I sure wish I knew why my ZA logs are always filled up with all that stuff from the ISP. Maybe someone can help us out?

Take care!

John

 

Checkout - What it's trying to achieve could be many things, your ISP checking for problems, checking to see if your connection is active (in the case of people who get dis-connected if their not actually using their connection - sucking up bandwidth for no reason) , port probes from scriptkiddies - the list is actually kind of endless.

I just ignore it unless the hits are close together and all from the same source. Pete

 

Ugh.  Will-um watch-um, Kimosabe!

 

    Checkout


   for the past few weeks I have been logging countless contacts from "proxy cache servers"......very often it will appear that a person's IP is scanning when in fact its one of the cache servers...........

  when a person trys to access a url instead of going directly to the url a "copy" of the url will be sent from the cache server......this imo is a very serious security problem....in numerous ways............but to date its been ignorred..........personally O don't want a "copy" of someone's trogan or virus.

   an yes...it may in fact just be harmless scans by your ip.............have you try to trace them?    you may just be surprised.       also, after weeks of blocking the proxy cache servers located so far.....no harmful effects have been noticed.....

 

Snowman, thanks for the post - and good to see you again.  Your style is distinctive!

 

      Checkout

     hey friend....really nice to see you again .....hope you are doing well.


    amasingly since blocking those sneaky cache servers I rarely get an alert from my firewall......unfortunately the cache servers are rather difficult to locate.....they remain hidden for the most part.....fortunately once blocked they remain blocked.

   eventually I may decide to take the time to make a personal list of all the addys...many of the smaller ip's are being forced to use the cache servers......an someday this may result in a massive problem for the entire internet.........of course anything on the cache servers can be read by whomever.......this was the brainchild of M$......an we all know about M$.....

   well enough said on the subject.....wishing you well Checkout.......have a pleasent weekend..