|
-
May 10th, 2004, 03:09 PM
#11
Originally posted here by nihil
Foxy and the other members are right:
Like the IP addy is 123.123.123.789 EVERY time, or do the characters change?
That is quite IMPOSSIBLE! You should know better than to have any octet higher than 254...  Just messing with you though... as you were just using it as an example.
Its possible (as others pointed out) that the ISP is just seeing if that IP is in use and if it can be issued to another customer. If they get no reply, then they put it in their DHCP pool and lease that IP to another customer. This would create ip conflicts though... so I'm not quite sure why they'd do it this way. I've never see this type of activity from my ISP. (verizon DSL)...
However.. I DO see them scan me from time to time for "unauthorized servers"... they just scan normal ports... 21, 22, 80, 8443, 8080, etc. So, basically... if I wanted to run a server, I could just block those scanning machines and verizon would not be any wiser. I could also just change the ports that the services are running on... Unless they were actually monitoring traffic...
As everyone else said though... this type of activity is pretty normal. Could be infected machines, could be some s.kiddie running his tools. You should just be happy your're blocking them. If you don't want the alerts to show up... then config your firewall not to alert you.
You could also put another box between you and your internet connection... like a router if you are on broadband. Or a smoothwall box if you're on broadband or dial up. Then everything would be logged on that box and you wouldn't see it on your other PC.
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
May 10th, 2004, 03:18 PM
#12
You could also put another box between you and your internet connection... like a router if you are on broadband. Or a smoothwall box if you're on broadband or dial up. Then everything would be logged on that box and you wouldn't see it on your other PC.
Go with that...its the best thing you can do. Most, if not all packets will be dropped at the router, and if anything makes it through...your other firewall will block them. I used to get scanned all the time for zombie machines, and Norton's Personal Firewall would block them all, but once I reconnected my computer with the router (Had some issues so had to connect directly online), everything is being blocked at the router.
-
May 14th, 2004, 10:05 AM
#13
Junior Member
phish, ?
"Its possible (as others pointed out) that the ISP is just seeing if that IP is in use and if it can be issued to another customer. If they get no reply, then they put it in their DHCP pool and lease that IP to another customer."
Does this type of DHCP discovery have a name? I'm not trying to be a smart***. This makes no sense( *ding ding ding, noob*) to me as related to leased addressing. Isn't there a % of time at which the CLIENT starts checking for DHCP servers. Or am I thinking Windows instead of ISP?
_____________________________________________
“The magnitude of a threat is inversely proportional to its frequency.” - Courtney
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote