Lately, ever since I installed Sygate Personal firewall Pro... it has been blocking some traffic from RIPE Whois Server. Most of the blockage traffic comes from 'em.
It seems the RIPE Whois Server always scans my port? and today, I got this security log which had the security type as intrusion detection & the description is '[181.1] Inbound DCE BIND to potentially vulnerable RPC DCOM interface attempt detected'. The 2nd one is '[182.1] RPC DCOM buffer overflow attempt detected'.
What are the 2 descriptions?
I'm paranoid whether this all meant any harm to my computer or something? I'd appreciate it if anyone replies.
April 1st, 2004, 12:29 PM
The RIPE whois tries to update it's info by connecting to your nameserver (DCE BIND)
Propably the RIPE whois Server "thinks" you are running a DNS (which you are not, I guess)