Discussion in 'Forum Related Discussions' started by gerardwil, Aug 25, 2006.
Minor issue I suppose but why is Wilders doing port scans?
never recogniced that. How do you come to this conclusion?
Because I saw this.
Actually it would be a MAJOR issue Gerard if indeed Wilders was doing a port scan on anyones PC.
Other than the pic you are showing....what other info would you mind sharing that might help determine how you are coming to this conclusion
I will PM you.
Bubba will come back here after reading and answering my PM. Thanks Bubba!
For todays log I found this one but it doesnt mean anything to me, but I suppose Dshield will filter this one out when converting my log to theirs:
2006-08-25 09:11:33 DROP TCP 188.8.131.52 192.168.2.220 80 2367 40 FA 2014630893 533529849 8866 - - - RECEIVE
Ah, that makes sense. When the source port is 80 (from the IP address of a webserver you've visited recently), and the destination port is in the ephemeral port range (on your computer), then the usual reason for a reported "port scan" is simply delayed packets returning from the webserver after your firewall or router has timed out the connection. This is one of the most common scenarios for "port scan" false positive alerts.
There's more information about this at the following link:
Thanks for answering and the link.
I am happy I learned again something today
And it show us you are always stand-by
Separate names with a comma.