Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Analyzing Comodo Logs


  • Please log in to reply
4 replies to this topic

#1 Commander Gman

Commander Gman

  • Members
  • 1,214 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 PM

Posted 26 August 2007 - 11:07 PM

Hi everyone
Just want to ask about Comodo
How does one analyze a Comodo log?
Any tips and suggestions?
I usually see a large listing of Inbound Policy Violation Access Denied=IP 192.168.0.153,Port =nbdgram (138))
Are these attacks? or just internet traffic.
Any help will be appreciated :thumbsup:

Motherboard: MSI P35 Neo-F (Socket 775 LGA) Processor: Intel Core 2 Quad Q6600 @ 2.40 Ghz Kentsfield Chipset: Intel P35 Graphics Card: Nvidia Geforce GT 440 Memory: 2x 2GB DDR2 800 RAM Storage: 1x IDE 80GB, 1x SATA II 500 GB, 1x External 500GB HD Power Supply: 600W Power supply Monitor: Dual screen set-up Casing: Mini-ATX Fan(s): 1x 80mm silent fan OS: Windows XP SP3


BC AdBot (Login to Remove)

 


#2 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,574 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:06:06 AM

Posted 27 August 2007 - 09:21 AM

NetBIOS uses ports 137, 138
http://www.grc.com/port_138.htm
So long as you keep NetBIOS within your own network and don't let it go out to the internet, it's not a threat.

#3 Commander Gman

Commander Gman
  • Topic Starter

  • Members
  • 1,214 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 PM

Posted 29 August 2007 - 07:59 AM

Ok then
so this site basically test ports if you're vulnerable?
Sorry for the late reply though

Motherboard: MSI P35 Neo-F (Socket 775 LGA) Processor: Intel Core 2 Quad Q6600 @ 2.40 Ghz Kentsfield Chipset: Intel P35 Graphics Card: Nvidia Geforce GT 440 Memory: 2x 2GB DDR2 800 RAM Storage: 1x IDE 80GB, 1x SATA II 500 GB, 1x External 500GB HD Power Supply: 600W Power supply Monitor: Dual screen set-up Casing: Mini-ATX Fan(s): 1x 80mm silent fan OS: Windows XP SP3


#4 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,574 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:06:06 AM

Posted 01 September 2007 - 09:48 PM

I'm late too so we're even :thumbsup:

Yes, it tests ports to see if you're stealth. Most firewalls can totally block visibility of your computer. But read their descriptions of challenges and meanings. I found it educational.
Anyway it's a good test which can expose some vulnerability. BTW, try it without a router in place to test the firewall in the computer instead of your router.
They do other tests, such as one leak test. Worth doing. Now, even if you pass the grc leak test ... read on ...

There is another site, http://www.firewallleaktester.com/ , with numerous other good tests, PCflank (#19) being the roughest to pass even under the best of circumstances. Reading the descriptions of each one in the link above is food for thought, believe me :flowers:

Incidentally, I think the site is misnamed, in that, while grc tests the firewall, the tests on this site basically test your entire security system, only part of which is the firewall in my opinion. Just reading the descriptions of the tests is enough to shake your confidence in the protections we take for granted. I don't mean any product comparisons, find them rather meaningless (due to unknown configurations). What Ifind interesting is how and why you might be vulnerable. Just learning. Forever it seems :trumpet:

Edit; IMPORTANT (IMO)Some of the tests can break your computer, so run them having first backed up the whole system, or on a computer that can be trashed. I haven't experienced the breaks yet but I think it's very possible.

Edited by tos226, 01 September 2007 - 10:25 PM.


#5 Commander Gman

Commander Gman
  • Topic Starter

  • Members
  • 1,214 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 PM

Posted 02 September 2007 - 01:23 AM

Thanks for the link :thumbsup:
Although I'm pretty worried what troubles can this test may do
Maybe if there were a list of the effects in each test shown and can be fixed back originally.
Then I would take the tests provided :flowers:
I also already have went to the gibson site.
They tested my computer and it was stealth,also disabled DCOM which was quite unnecessary to have it activated.

Motherboard: MSI P35 Neo-F (Socket 775 LGA) Processor: Intel Core 2 Quad Q6600 @ 2.40 Ghz Kentsfield Chipset: Intel P35 Graphics Card: Nvidia Geforce GT 440 Memory: 2x 2GB DDR2 800 RAM Storage: 1x IDE 80GB, 1x SATA II 500 GB, 1x External 500GB HD Power Supply: 600W Power supply Monitor: Dual screen set-up Casing: Mini-ATX Fan(s): 1x 80mm silent fan OS: Windows XP SP3





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users