|
Posted by N. Miller on August 7, 2005, 2:54 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> i have mc afee protections i keep getting attempts to use my computer and
> questions do you trust this site.
McAfee really shouldn't be asking about allowing inbound connections. Those
inbound connections which aren't responses to outbound requests should be
blocked automatically.
> what are the trusted ip addresses.
Very few. If you run a LAN, your LAN IP addresses should be trusted. If you
run a server, well; you really need to learn a whole lot about what happens
when you run a server. For most people, that isn't an issue; most people
don't run servers.
> following the ip pool 70 - 20118-113-pitt.east.verizon.net address would
> this be a hacker
No way to tell without seeing the actual packets sent. UDP packets to ports
1025-1030 would be typical of messenger spam, though. I mostly see those on
ports 1026/1027; my router blocks them. Other ports would be indicative of
other activity. I mostly see messenger spam, or automated RPCSS worm
activity. After that I see relay attempts on my MTA. I rarely see anything
that could be attributed to "hacking"; as a conscious activity directed by
a human agent at my connection.
--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint
| 
XML site map