Dlink.com.sg intrusion with worm??

Dlink.com.sg intrusion with worm??
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Dlink.com.sg intrusion with worm?? Luther 10-10-2006
Posted by Luther on October 10, 2006, 5:19 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Dear All,

It sound stranged. This website from a well know network company attemped
to intrude into my system. I have been accessing this website serveral
time in the pass few months. Every time ended with abandoning due to
slow in response.

However today I got a shock from Norton anti virus popup. As shown below.

Details: Attempted Intrusion "NMap Xmas Scan" against your machine was
detected and blocked.
Intruder: www.dlink.com.sg(203.126.164.142)(21).
Risk Level: Medium.
Protocol: TCP.
Attacked IP: ACE(192.168.100.100).
Attacked Port: 1149.


Well may be you can trace it.

Regards
Luther


Posted by Sebastian Gottschalk on October 10, 2006, 7:46 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Luther wrote:

> It sound stranged. This website from a well know network company attemped
> to intrude into my system.

A website doesn't intrude, but hosts do.

> I have been accessing this website serveral
> time in the pass few months. Every time ended with abandoning due to
> slow in response.

So you have a network problem.

> However today I got a shock from Norton anti virus popup. As shown below.
>
> Details: Attempted Intrusion "NMap Xmas Scan" against your machine was
> detected and blocked.
> Intruder: www.dlink.com.sg(203.126.164.142)(21).
> Risk Level: Medium.
> Protocol: TCP.
> Attacked IP: ACE(192.168.100.100).
> Attacked Port: 1149.
>
> Well may be you can trace it.

1. A TCP segment with all flags set is neither a scan nor and medium risk
activity, most more likely related to your network problem.

2. Claiming it to be an attack, but not providing any useful details, and
even popping up a window is totally stupid.

3. NAV, like any other Norton product, is most likely itself the cause of
the problem.

Posted by mak on October 10, 2006, 7:59 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Luther wrote:
> Dear All,
>
> It sound stranged. This website from a well know network company attemped
> to intrude into my system. I have been accessing this website serveral
> time in the pass few months. Every time ended with abandoning due to
> slow in response.

are you sure that was the same website ?

> However today I got a shock from Norton anti virus popup. As shown below.
>
> Details: Attempted Intrusion "NMap Xmas Scan" against your machine was
> detected and blocked.
> Intruder: www.dlink.com.sg(203.126.164.142)(21).
the website, dns, and reverse lookup seem legit,

> Risk Level: Medium.
> Protocol: TCP.
> Attacked IP: ACE(192.168.100.100).
> Attacked Port: 1149.

either someone of their employees scans you or someone is spoofing their adress
and scans you.
the scan you shouldnt worry about.

what you should worry about: that there is no firewall _infront_of_ your pc,

if an intruder gets as far as your norton antivirus, that means you are
basically exposing your computer to the whole
big world.i am sure NA can be knocked out.

at _least_ turn on your XP firewall...

>
> Well may be you can trace it.
>
> Regards
> Luther
>

Posted by Sebastian Gottschalk on October 10, 2006, 8:09 am
If you were  Registered and logged in, you could reply and use other advanced thread options
mak wrote:

> what you should worry about: that there is no firewall _infront_of_ your pc,

Why? It's a home computer, it doesn't need any firewall or host-based
packet filter.

Posted by mak on October 10, 2006, 9:26 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Sebastian Gottschalk wrote:
> mak wrote:
>
>> what you should worry about: that there is no firewall _infront_of_ your pc,
>
> Why? It's a home computer, it doesn't need any firewall or host-based
> packet filter.

are you being cynical?

Similar ThreadsPosted
Wireless Intrusion Detection February 26, 2005, 10:24 pm
intrusion detection system November 15, 2006, 12:58 pm
Re: Is this a software intrusion or a normal circumstance January 3, 2006, 3:35 am
Re: Is this a software intrusion or a normal circumstance January 3, 2006, 3:42 am
Intrusion Detection & Prevention systems October 27, 2006, 3:22 pm
REVIEW: "The Art of Intrusion", Kevin D. Mitnick/William L. Simon July 27, 2005, 4:50 pm
How to get some worm... November 22, 2004, 5:21 pm
Worm? September 18, 2005, 2:28 pm
New Yahoo! IM Worm Emerges May 23, 2006, 3:16 pm
Yahoo worm in email! June 12, 2006, 11:42 am

The site map in XML format XML site map

Contact Us | Privacy Policy