-
June 28th, 2002, 08:38 PM
#11
Originally posted here by Elliente
I just recently ran netstat, and here it is:
TCP 24.156.105.52:139 0.0.0.0:0 LISTENING
TCP 24.156.105.52:1185 63.108.181.201:80 TIME_WAIT
TCP 24.156.105.52:1186 168.143.179.189:80 ESTABLISHED
TCP 24.156.105.52:1187 63.108.181.201:80 TIME_WAIT
TCP 24.156.105.52:1195 63.108.181.204:80 CLOSE_WAIT
TCP 24.156.105.52:1196 63.108.181.204:80 CLOSE_WAIT
TCP 24.156.105.52:9533 0.0.0.0:0 LISTENING
here is what i got when I scanned remotely:
TCP: 24.156.105.52 [135-epmap]
TCP: 24.156.105.52 [139-netbios-ssn]
TCP: 24.156.105.52 [1025-blackjack]
TCP: 24.156.105.52 [5000-commplex-main]
TCP: 24.156.105.52 [9533]
9533 appears to be open in both cases, along with 139
port 139 is a NETBIOS session service, couldn't find what 9533 is used for.
before this i re-installed zone alarm and disabled the Win XP (non)-firewall.
Thanks for giving us your IP
-
June 28th, 2002, 10:36 PM
#12
Member
seriously...
shouldnt give out ips and (especially what ports are open). The kiddiots will have a field day with this...
9533 is prolly some trojan.
freedom is a road seldom traveled by the multitude
freedom aint free
-
June 28th, 2002, 10:54 PM
#13
Banned
On your ZA try going to the firewall section and go to advanced, try checking enable ARP protection, Allow uncommon protocols at High Security, and the one on top of the second one. If your on a network, check the enable gateway protection.
The least security someone could have is an anti-virus because thats where some hacks first occur, with the victims computer infected. Id get your computer scanned at Trend Micro and get an Anti Virus. I barely noticed the fact of the netstat results you put. Id get a DNS form of IP if you have broadband. Be careful when you post next time.
-
July 5th, 2002, 02:07 AM
#14
Wow, I guess that wasn't a very smart thing to do eh? Giving my IP address out I mean...LOL
Oh well, What I have running now is working great; McAfee and Sygate personal firewall; I recently ran some netstats and port scans, and everything is fine now! Come to think of it, Before my IP address changed a few days ago, I did notice a few more scans than normal!
Anyway, there are currently no open ports on my system! thanks for the input!
I guess I shouldn't give out my new IP eh!
----------------------------------------------------------------
\"First you get the sugar, then you get the power, then you get the women\"
----------------------------------------------------------------
-
July 5th, 2002, 02:17 AM
#15
if u r looking for a good firewall i would personally recommend agnitum outpost
heres the url if u r interested in it i find that it is better than zonealrm and sygatet
http://www.agnitum.com
By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
The 20th century pharoes have the slaves demanding work
http://muaythaiscotland.com/
-
July 13th, 2002, 04:53 AM
#16
Junior Member
I agree wholeheartedly with iNViCTuS and bombayofpigs. You really shouldn't post IP info with open ports while admitting you can't find the log files for your IDS. Next time you should x out the address like this.
TCP xx.xxx.xxx.xx:1185 xx.xxx.xxx.xxx:80 TIME_WAIT
You should leave the port numbers so we can have some idea about what is running, misconfigured, etc.
I know it's a pain in the ass, but there are somethings you shouldn't post in a public forum.
A great oak is the end result of a nut who stood his ground.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|