Posted 20 December 2010 - 11:08 AM
BC AdBot (Login to Remove)
Posted 22 December 2010 - 10:06 AM
- SamSpade.org Whois
- DNS Stuff WHOIS
- Domain Tools Whois
- CQCounter whois
- All Net Tools SmartWhois
- Network-Tools.com whois
- Microsoft Network Monitor
- PRTG - Free Network Monitor
- Other network traffic monitoring tools
Shields Up is an online port scanning service used to alert the users of any ports that have been opened through firewalls or NAT routers.
There are third party utilities that will allow you to manage, block, and view detailed listings of all TCP and UDP endpoints on your system, including local/remote addresses, state of TCP connections and the process that opened the port:
- TCPView for Windows
- DiamondCS OpenPorts
- AnalogX PortBlocker
- Emsa Port Blocker
- Local Port Scanner
For a list of TCP/UDP ports and notes about them, please refer to:
- Ports for Internet Services
- List of Well Known and Registered TCP and UDP port numbers
- IANA.org Registry of Port Numbers
- Ports List (all)
- Speed Guide's Searchable Ports Database
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Posted 22 December 2010 - 10:30 AM
from Router log.
So if I understand correctly, you've a Windows 7 machine that is connected to a router/modem, which is connected to the Internet.
Your Windows 7 machine has a private IP address, and your router obtains a public IP address from your ISP (NAT setup).
The port scans you are seeing, are on the public IP address of your router.
If my description of your setup is correct, then seeing a lot of port scans on your router is, unfortunately, normal (unless your ISP takes some measures to protect your router).
There is a lot of port scanning on the Internet, both by humans and by infected machines looking for new targets.
If your router is properly configured and is not vulnerable (e.g. because you applied the latest firmware), then you should not worry.
SANS ISC Handler
Microsoft MVP 2011-2015 Consumer Security