neversleeps
asked on
port scan
hello
lately i have been receiving port scans and connection attempts to my computers port 27374
i mean alot. i use zonealarm pro so theyre all blocked but i have been receiving tons of them sometimes 1 every minute or more for like 10-45 mins straight and they are always from different ip addresses i dont think even one of the numerous times has been the same(i try to keep track of all the ip addresses that scan me, i have quite the list) anyways what is the deal with this, i know that this is the default port for all of the subseven trojan variants but why all of a sudden would i be getting all of these scans for this port. usually its port 80 for people looking for open web servers. the zonealarm security alert pop ups are getting quite annoying, i know i can shut them off but i like to know whats going on. is there some big contest going on on who can scan port 27374 the most or what? is anyone been noticing this at all? i went looking around on my computer for trojans although im careful about what i download and everything gets scanned with norton first before getting opened and found nothing in the registry or various boot files(win.ini etc.) and the start up folder. is there any reason why someone would believe that im infected and would try to scan me for it like something i did without knowing it. I asked this question somewhere else and got the port scans are not uncommon and if zonealarm is blocking it all then you shouldnt be concerned answer but ive been online for quite sometime and never had a wave of port scans to the same port by so many different people before. im interested in computer security so this makes me scratch my head any insights on this would be appreciated
best regards,
neversleeps
lately i have been receiving port scans and connection attempts to my computers port 27374
i mean alot. i use zonealarm pro so theyre all blocked but i have been receiving tons of them sometimes 1 every minute or more for like 10-45 mins straight and they are always from different ip addresses i dont think even one of the numerous times has been the same(i try to keep track of all the ip addresses that scan me, i have quite the list) anyways what is the deal with this, i know that this is the default port for all of the subseven trojan variants but why all of a sudden would i be getting all of these scans for this port. usually its port 80 for people looking for open web servers. the zonealarm security alert pop ups are getting quite annoying, i know i can shut them off but i like to know whats going on. is there some big contest going on on who can scan port 27374 the most or what? is anyone been noticing this at all? i went looking around on my computer for trojans although im careful about what i download and everything gets scanned with norton first before getting opened and found nothing in the registry or various boot files(win.ini etc.) and the start up folder. is there any reason why someone would believe that im infected and would try to scan me for it like something i did without knowing it. I asked this question somewhere else and got the port scans are not uncommon and if zonealarm is blocking it all then you shouldnt be concerned answer but ive been online for quite sometime and never had a wave of port scans to the same port by so many different people before. im interested in computer security so this makes me scratch my head any insights on this would be appreciated
best regards,
neversleeps
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
o btw winxp crazy was my other name i forgot the password and recently found it. i didnt realize i posted it under that name and signed it with other name before i did it cuz im sure u guys would have been wondering about it, damn scans 3 of um while i typed this little tiny bit
well ok i better go before i type another book and i need to go close my old account on here
have a pleasant day
laters
winxpcrazy
neversleeps
well ok i better go before i type another book and i need to go close my old account on here
have a pleasant day
laters
winxpcrazy
neversleeps
dup account?? sorry, but that's not allowed at this site.
But if you want to know more about those zombies, read http://grc.com/dos/grcdos.htm (the link I posted before) Gibson has reseached those bots and found out a lot about them.
LucF
But if you want to know more about those zombies, read http://grc.com/dos/grcdos.htm (the link I posted before) Gibson has reseached those bots and found out a lot about them.
LucF
ASKER
im sorry about the 2 accounts, i tried to close my old account(winxpcrazy) but i couldnt find out how in the help section so if u could close that one for me i would appreciate it.
thanks
neversleeps
thanks
neversleeps
wow ive written alot here alot more than i was planning on. if someone wants to sit down and type all this stuff out to me that would be great. i really like this stuff and i can never learn too much. if someone wants to take the time to type it all i will up the points for this question. also after all of this plz dont forget the origina question of the port 27374 scans as im still very curious on it and would like to know what i did or how to make it stop if there is such a way(i doubt it but u guys r the experts not me) ;)
ur help is appreciated in advance
best regards,
neversleeps