Tracing and catching Pingers

I leave a few ports open for local  FTP filesharing and when my firewalls on (Zone Alarm) its says 5412 access attempts blocks, I know they're pinging my ports because if I turn off the firewall my FTP has all kinds of problems.

Is there anyway to see WHO has been pinging my ports???
LVL 1
pdorileyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

TeethingCommented:
There should be a logging feature in your firewall software to show the source ip address.

I would recommend turning off ICMP unless you really need it for something and then making some restrictions on your FTP service to prevent unauthorized users.
0
ndemeterCommented:
You cannot ping a port, you ping an IP. If your Zone Alarm is going off then there should be three things that you should be seeing on the screen:

a) originating IP (this is the offender)
b) destination IP (this is you)
c) destination port (the port they were trying to get to on your computer)

Most of the time what you see is worms trying to find more vulnerable computers to infect. There are times however that what you see are people post-scanning you. That is, they are trying to find that open services are on your computer that they can exploit. My advise would be to keep your firewall on and disable anonymous FTP access.
0
Cyber-DudeCommented:
If you will see any Firewall reposrt, it will report to you what IP address tried to 'ping' you. What Firewall software are you using?
Etherway, theres this GREAT site enables you to enter an IP address and plot you with its origin. Theres one problem though; If someone is using those free Proxy servers available on the net, It would be difficult to trace those packets sience, even in case you succeed in capture that packet; You may learn the application trying to connect but you wont be able to know the IPs true origin (unless its a transperent proxy).

Links:
The info site:
http://www.dnsstuff.com

Hope that helped

Cyber
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Analysis

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.