Results 1 to 3 of 3
  1. #1
    Join Date
    Jan 2003

    Question access log for dummies?

    OK I'm a newbie at this networking stuff. I'm looking at an access log off of a d-link router and there is an awful lot of unrecognized access from many different IP addresses. Can any of you explain this to me? Attached is a copy of my access log.

  2. #2
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    United Kingdom: Bridlington
    No expert mate, but it looks like it could be one of those internet worms?

    Make sure your OS is fully patched please, and update and run the AV application that you have.


  3. #3
    AO Antique pwaring's Avatar
    Join Date
    Aug 2001
    Looks like someone might be scanning for commonly-exploitable ports (137 and 139 are used by Windows NetBIOS I think). Either that or it could be an internet worm (as nihil said).

    Patching your OS won't necessarily make any difference if you're running a hardware router, but it's best to be sure.

    Port 137: NetBIOS Name Service
    Port 139: NetBIOS Session Service
    Port 445: Microsoft Directory Services

    In all likelihood it's either a worm or a bunch of script kiddies searching for vulnerable Windows computers. If you have a hardware router between your computers and your network and/or your workstations are running an operating system other than Windows, it shouldn't be anything to worry about.
    Paul Waring - Web site design and development.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts