BleepingComputer.com: Port Attack / Hijack Warning

Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Port Attack / Hijack Warning Sygate Personal Firewall

#1 User is offline   Verons88 

  • Forum Regular
  • PipPipPip
  • Find Topics
  • Group: Members
  • Posts: 156
  • Joined: 07-November 06
  • Gender:Female
  • Location:Kuala Lumpur

  Posted 21 November 2006 - 10:10 PM

I sometimes got warning message from my Sygate Personal firewall (Port Attack).

Normally I will double click on the red sygate icon, then click on Action / stop all active responds. And maybe follow up with back trace and who is...

My question:

1) Do I really need to do that every time I got a Port Attack warning?
2) What if sometimes Im away from my PC and didnt click on the 'stop all active respond'? What is my risk?
3) What will Sygate do once it detects a port attack/hijack? Will it automatically protect my pc?
4) Why does someone want to scan my port? And what will they get?

I usually discover that those port attack is from China.

Thanks
Veronica Yeoh

#2 User is offline   sq2 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 40
  • Joined: 21-November 06

Posted 22 November 2006 - 01:30 PM

What port is being attacked?

#3 User is offline   Verons88 

  • Forum Regular
  • PipPipPip
  • Find Topics
  • Group: Members
  • Posts: 156
  • Joined: 07-November 06
  • Gender:Female
  • Location:Kuala Lumpur

Posted 22 November 2006 - 09:29 PM

I'm not sure what port is being attacked. But just got warnings from sygate. Or do u call that port scan?
Veronica Yeoh

#4 User is offline   LisaMicheleL 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 43
  • Joined: 25-June 05

Posted 22 November 2006 - 09:31 PM

Hi Verona,
I was just biding my time while I waited on a Hijack this log...I'm being inundated suddenly with the same thing...did you resolve your issue?

#5 User is offline   Verons88 

  • Forum Regular
  • PipPipPip
  • Find Topics
  • Group: Members
  • Posts: 156
  • Joined: 07-November 06
  • Gender:Female
  • Location:Kuala Lumpur

Posted 22 November 2006 - 09:36 PM

Hi LisaMicheleL. I'm not sure if I have my issue resolved. It's like ' Port Attack. Someone is scanning your computer" warning frm Sygate firewall. I still haven't got the reply for my first post here (for my 4 questions) Am still waiting......

This post has been edited by Verons88: 22 November 2006 - 09:38 PM

Veronica Yeoh

#6 User is offline   LisaMicheleL 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 43
  • Joined: 25-June 05

Posted 22 November 2006 - 09:45 PM

Wow...wish i could help you. Blame it on tomorrow's holiday that you've yet to hear from someone.
Strange though isn't it...

#7 User is offline   sq2 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 40
  • Joined: 21-November 06

Posted 22 November 2006 - 10:17 PM

@Verons88

A lot of the time you have people out there on the net who port scan other computers to see what ports are vulnerable or to find services on the target computers that might be vulnerable. I have used Sygate before and once the firewall detects a port attack it will usely block the IP that is attacking or probing. If you take a look at Sygates logs you can determine which port or ports is being probed and the IP that is probing it. I don't know if it is allowed here or not, but maybe you can post the log to let us see what ports is being probed.

#8 User is offline   rowal5555 

  • Just enough info to be armed & dangerous...
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Members
  • Posts: 2,635
  • Joined: 18-March 06
  • Gender:Male
  • Location:St Kilda, Dunedin. South Island. NZ

  Posted 23 November 2006 - 12:42 AM

You can easily check your computer's vulnerability by going to : grc.com

These are the GOOD GUYS who will try and attack your machine to see what can get through.

Scroll down to 'ShieldsUp' and run the tests there. Good luck.

Cheers

This post has been edited by rowal5555: 23 November 2006 - 12:43 AM

rowal5555 (Rob )                                                             
Avid supporter of Bleeping Computer's
Team 38444
You can help find a cure

 

#9 User is offline   MaraM 

  • Forum Addict
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Members
  • Posts: 1,717
  • Joined: 02-April 06
  • Gender:Female
  • Location:British Columbia, Canada

Posted 23 November 2006 - 10:31 PM

Hi Rowal,

Thanks so much for that link to 'Shield's Up' - I've tried others that were far harder to understand and this one not only works perfectly with my Netscape Browser, even I can understand the results - hoot!

(Even happier to learn that my computer scan said, "All attempts to get any information from your computer has FAILED" - yipee! And by only using free programs, too!).
Never let your computer realize you are in a hurry or just typing the last few words of a vital document.

While outer events might make one happy or sad, happiness itself is entirely internal, and at all times completely within one's power.

#10 User is offline   Verons88 

  • Forum Regular
  • PipPipPip
  • Find Topics
  • Group: Members
  • Posts: 156
  • Joined: 07-November 06
  • Gender:Female
  • Location:Kuala Lumpur

Posted 23 November 2006 - 11:23 PM

rowal5555, Thanks for the useful link.
I'm happy that all my scan result is passed. :thumbsup:

sq2
I've deleted all the log reports....
But since I've run a test at the link rowal provide, I noticed that my Sygate actually blocked the attacks. :flowers:

LisaMicheleL I guess I've recieved the help I needed :trumpet:

Regards
Veronica Yeoh

#11 User is offline   rowal5555 

  • Just enough info to be armed & dangerous...
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Members
  • Posts: 2,635
  • Joined: 18-March 06
  • Gender:Male
  • Location:St Kilda, Dunedin. South Island. NZ

  Posted 24 November 2006 - 06:17 AM

Glad it worked for you. If you run 'Leak Test' from the same site, it will check if 'Trojan Dial Homes' are able to get passed your firewall. Just follow the directions carefully.

Cheers
rowal5555 (Rob )                                                             
Avid supporter of Bleeping Computer's
Team 38444
You can help find a cure

 

#12 User is offline   Verons88 

  • Forum Regular
  • PipPipPip
  • Find Topics
  • Group: Members
  • Posts: 156
  • Joined: 07-November 06
  • Gender:Female
  • Location:Kuala Lumpur

Posted 24 November 2006 - 11:41 AM

Hi, rowal5555.

Thanks again! My computer passed the Leak Test too!

This is great. Wonder what test should I run next :thumbsup:
Veronica Yeoh

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users