Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Tracing and catching Pingers

Posted on 2004-11-01
3
Medium Priority
?
179 Views
Last Modified: 2013-12-07
I leave a few ports open for local  FTP filesharing and when my firewalls on (Zone Alarm) its says 5412 access attempts blocks, I know they're pinging my ports because if I turn off the firewall my FTP has all kinds of problems.

Is there anyway to see WHO has been pinging my ports???
0
Comment
Question by:pdoriley
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 4

Assisted Solution

by:Teething
Teething earned 500 total points
ID: 12468749
There should be a logging feature in your firewall software to show the source ip address.

I would recommend turning off ICMP unless you really need it for something and then making some restrictions on your FTP service to prevent unauthorized users.
0
 

Assisted Solution

by:ndemeter
ndemeter earned 200 total points
ID: 12469680
You cannot ping a port, you ping an IP. If your Zone Alarm is going off then there should be three things that you should be seeing on the screen:

a) originating IP (this is the offender)
b) destination IP (this is you)
c) destination port (the port they were trying to get to on your computer)

Most of the time what you see is worms trying to find more vulnerable computers to infect. There are times however that what you see are people post-scanning you. That is, they are trying to find that open services are on your computer that they can exploit. My advise would be to keep your firewall on and disable anonymous FTP access.
0
 
LVL 15

Accepted Solution

by:
Cyber-Dude earned 300 total points
ID: 12471842
If you will see any Firewall reposrt, it will report to you what IP address tried to 'ping' you. What Firewall software are you using?
Etherway, theres this GREAT site enables you to enter an IP address and plot you with its origin. Theres one problem though; If someone is using those free Proxy servers available on the net, It would be difficult to trace those packets sience, even in case you succeed in capture that packet; You may learn the application trying to connect but you wont be able to know the IPs true origin (unless its a transperent proxy).

Links:
The info site:
http://www.dnsstuff.com

Hope that helped

Cyber
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question