For the past week or so Outpost Pro 2.1 has logged at least one port scan attack each day. Sometimes as many as three. Here is a sample: 4:19:03 PM Attack Detection Report Port Scanning has been detected from 18.104.22.168 (scanned ports:TCP (HTTP, 6129, 3127, 1025, 2745)) Under blocked connection I logged four attempts from this IP address at about the same time, all were blocked. These seem to be ports used by a lot of trojans and worms, however yesterday one attack showed this: 3/15/2004 9:35:24 AM Attack Detection Report Port Scanning has been detected from 22.214.171.124 (scanned ports:TCP (HTTP, 5000, 6129, 3127, 1025, 2745)) The attack always comes from a different IP address but I never noticed this happening in the past so it bothers me that it is happening so frequently lately. I've run TDS3 full system scan, spybot S&D, Adaware and use Nod32 as my AV updated daily. Nod did find js/iestart trojan on my system in its daily scan a couple of days ago but this was happening prior to and after removal of that trojan. Is this just script kiddies or could something be hidden on my system that someone is looking for? Should I be concerned or content knowing my firewall is doing its job?