Chris H. wrote:
> Hello,
>
> I have been receiving port scans lately from my ISP range. I am on
> dial-up
> by the way. Below is a sample of the port scans that I have been getting.
>
> FWIN,2005/01/18,22:42:34 -8:00
> GMT,204.244.70.226:4213,204.244.70.33:135,TCP (flags:S)
> FWIN,2005/01/18,21:49:42 -8:00
> GMT,204.244.70.226:4190,204.244.70.34:135,TCP (flags:S)
> FWIN,2005/01/18,21:54:38 -8:00
> GMT,204.244.70.226:1674,204.244.70.34:135,TCP (flags:S)
> FWIN,2005/01/18,21:42:52 -8:00
> GMT,204.244.70.226:1042,204.244.70.34:135,TCP (flags:S)
> FWIN,2005/01/18,01:51:54 -8:00
> GMT,204.244.70.21:1264,204.244.70.33:445,TCP (flags:S)
OK port 135 is:
Microsoft's DCOM (Distributed, i.e. networked, COM) Service Control Manager
(also known as the RPC Endpoint Mapper) uses this port in a manner similar
to SUN's UNIX use of port 111. The SCM server running on the user's
computer opens port 135 and listens for incoming requests from clients
wishing to locate the ports where DCOM services can be found on that
machine.
Port 445 is used by Microsoft for a data services...
Yes, you are probably being scanned...so what is your question?
-- Michael
|
Similar Threads
