General SecurityPost any general questions related to security, viruses or spyware here.
Mission Statement
WindowsBBS is an online community dedicated to easily accessible technical support for those using Microsoft operating systems and other Windows software.
Our goal is to become the leading resource for computer users that require assistance with their day-to-day computer usage, including full support for networking PC's, virus & malware removal, system upgrades and general support questions.
Comes up with Velocity Networks as the owner of IP address.
This is a scan of systems across a network by someone that uses Velocity Networks, looking for open ports. May or may not be malicious. ISP's and Network admins scan networks as a security measure. Hackers use scans to find vulnerable systems with open ports.
In either case, Sygate is doing it's job by blocking the reported ports.
Charles what can I do to check whether this is malicious or not? can I block it somehow?
Hi Cloudine,
Sygate is blocking it. You can't stop the scans themselves, only block them. I wouldn't worry about it.
If it is malacious, then most likely its an infected system with a trojan that's looking for others to infect. Can't really tell unless there are a lot of these scans and with a pattern of about the same time(s) during the day. That's an indication of someone turning on their system around the same time daily.
Quote:
Originally Posted by bombagirl
I don't get it....what did I do wrong????
Pete was reacting to your thread title - we encourage meaningfull tiltles so that others searching with this or similiar problem will come upon your thread. I was going to change your title but Pete beat me to it.
Sygate is blocking it. You can't stop the scans themselves, only block them. I wouldn't worry about it.
If it is malacious, then most likely its an infected system with a trojan that's looking for others to infect. Can't really tell unless there are lot of these scans and with a pattern of about the same time(s) during the day. That's an indication of someone turning on their system around the same time daily.
Regards - Charles
still didn't get it....sorry...there was no indication that sygate blocked it....port scan attack is logged....that doesn't showe it is being blocked no?
someoen told me that people can get your ip ad....what is it? they stole money from his internet banking...he thinks people from mirc chatting...what is this please? how can this happen? does this mean I must stop using mirc?
still didn't get it....sorry...there was no indication that sygate blocked it....port scan attack is logged....that doesn't showe it is being blocked no?
It is being blocked - the forewall is logging the scan for your information; as a former user of Sygate I can attest to that. And every firewall does the same thing.
Quote:
Originally Posted by bombagirl
someoen told me that people can get your ip ad....what is it? they stole money from his internet banking...he thinks people from mirc chatting...what is this please? how can this happen? does this mean I must stop using mirc?
Your IP address is public knowlege - look in Sysgate's logs for yours under destination I think.
What got stolen is the password(s) to access the account(s). Not the user's IP address which doesn't get you anywhere unless the system is unprotected. The means to steal the passward is done either thru a fraudulant email pointing to a bad website or a trojan got onto the system. In either case, it came thru the Browser, not the firewall.
I don't know anything about MIRC, so can't pass judgement about it's safety. A quick search on it doesn't come up with any major alarms. There are, as in any software, holes and bugs. There are specific downsides the way scripting is used in an earlier version - see http://en.wikipedia.org/wiki/MIRC
Quote:
mIRC scripting allows troublemakers to dupe naive users into running malicious code merely by typing things in the chat window (for example, entering lines beginning with //write $decode(). Since version 6.17 this is disabled by default, and various other commands considered dangerous can be locked in mIRC options
In the meantime, list the security software you're using and we'll see if there is anything to add or substitute to make your system more secure.
For future reference, in that thread's post #2 for which I gave you the url for - TeMerc's reference to IESPY ADS is highlighted in blue which means clicking on it takes you to the same place that Pete's url does.
