Weird IP's trying to connect to my computer

**ramennoodles11** · January 26th, 2012, 01:49 AM

HI I've been getting odd ips trying to connect to my computer? I was on a website that has alot of hackers so I'm wondering if maybe some of them were trying to hack my pc? Heres the ips and ports.

Code:

63.135.2.250:59910
84.30.171.245:18125
200.79.254.251:35337
78.105.197.108:15326

What do you think? A few of the main people who claim to be hackers are from Ontario, the netherlands, Germany and just outside of London England.
One of those IP's is from Ontario. Someones been winding me up online for a while coming to other forums I go to and bumping my threads etc...
Am I just being paranoid?

**jhondon** · January 26th, 2012, 07:44 AM

See, if some hacker is actually trying to connect to your computer, than these IP addresses won't help, as no hacker would try to hack without proper Proxy Bouncing...

Although, if you feel uncomfortable, then you can use "Port Security Software" like ProPort, etc...

***SirDice*** · January 26th, 2012, 08:44 AM

Random IP addresses and random ports. Check if your firewall is working properly and this stuff is blocked. Then forget about it.

**ramennoodles11** · January 27th, 2012, 01:20 AM

Thanks, I'm probably just playing too much into it then. What are some things to look out for if a hacker is trying to gain access? Connections to specific ports been tried?

**Wazz** · January 27th, 2012, 01:28 AM

Port 59910 is used for SAP, makes sense....they are based out of Canada

Port 18125 Suggests RSH or RLOGIN Protocols

Port 35337 Is most likely Adobe FlashPlayer (Shockwave)

Port 15326 Hmmmmm, do you Run Nessus?

Hope this helps

**ua549** · January 27th, 2012, 12:59 PM

My firewall and bastion host keep thing quite safe, but every day I analyze the syslog from the router. On average there is about one refused connection attempt logged every 30 seconds day and night. They come in bunches of hundreds before all is quiet for a few minutes. Repeat. That said, I do have a web, ftp and mail server at home.

As long as you keep your firewall secure and up to date, you shouldn't worry.

**faust** · January 28th, 2012, 01:24 PM

63.135.2.250:59910 (Persona Communications PI-HIGHSPEED-SUDBURY)
84.30.171.245:18125 (Ziggo, NL media)
200.79.254.251:35337 (Cablemas telecomunicaciones (Cancun)
78.105.197.108:15326 (York Residential Dynamic)

I agree with ua549. I use http://www.robtex.com/ to see who they are but it gets old after a while. Just keep all updated and all should be fine...

**Wazz** · January 29th, 2012, 09:14 AM

It Does Not matter what the "WHOIS" says or what the IP's are....blah, blah.......for example, 63.135.2.250 belongs to a block of 63.135.0.0 - 63.135.31.255...an entire ISP (most likely)....The Specific PORTS are what matters. Check for installed Apps on the Ports and Protocols I listed then go over you logs and look for Handshakes, Authentication, and Outgoing Traffic as well.........

**ua549** · January 29th, 2012, 02:44 PM

Here is a partial list of registered and well known port numbers. NirSoft has a handy freeware utility called CurrPorts that shows details of all opened ports.

**thatgeekyboy** · December 27th, 2012, 04:48 AM

are you downloading torrents or anything?

Thread: Weird IP's trying to connect to my computer

Thread Tools

Display

Weird IP's trying to connect to my computer

Don't be paranoid..!!

Similar Threads

Abbr: history of the computer virus

Computer Infections/Attacks

Intro To Computer Building and Hardware

Securing Your Windows PC

Computer Addict

Posting Permissions