Well, this is embarrassing. Turns out my Bitcomet uses PORT 22349. All those connections are people trying to log back on to my longterm seeding. Whoopsie. Anywho, I'm still curious to the answer for my original question above.
-
Please click the link below for your operating system to download the TSG SysInfo Utility. Click on "Save File" then double-click the file to run it. Copy and paste the report in your initial post. Windows 7 and later (downloads a file named tsginfo.exe) | Windows XP (downloads a file named SysInfo.exe)
Inbound Events on Mcafee Firewall.
I'm not sure if this happens all the time, but I was going through my Mcafee settings and found the option to see all outbound, inbound, IDEs, etc. Being curious, I clicked on Inbound events only to see that I'm getting about 20 Inbound events every minute. Here's what the event detail says of one of them: A computer at xxx.xxx.xxx.xxx has attempted an unsolicited connection to TCP port 22349 on your computer. Now, about 99% of all the events show the same port - 22349. Very few of them show 1026, 1027, or 1028. I've done research on the latter three and it turns out that those ports are in fact very common among hack attempts. There has also been a few IPs constantly attempting to ICMP Ping me. Every now and then I see an event called Microsoft-SQL Server (or Monitor). Oh, and there are an extremely wide varieties of IPs that are logged in the events. Some are repeated multiple times. Like this one IP that keeps pinging me from the Middle Eastern/China area. I run virus scans twice a week using both Ad-aware and Mcafee, never picked anything up. However, I just ran a Malwarebyte scan and detected 2 files - but they were both registry changes from HJT (kind of weird). This post is getting a bit long, so I'll sum it up by asking: Do Inbound attempts happen all the time even if your system is clean?
- Status
- Not open for further replies.
1 - 4 of 4 Posts
If you want to know more about port security go to the following link.
http://www.grc.com
click on the "Shields Up" logo, then scroll down to "Hot Spots", and click on the "Shields Up". This is a very excellent place to start with port security. You will find out where the leaks are at, whether it is open, failed, passed, or stealth, and how to secure them. Just take your time, browse, and enjoy the site. I have been using this site for many years, and have had a lot of success using it for other peoples pc's. :up:
But TSG is the best for any kind of answer. I kinda stumbled on the site when I D/L'd Firefox. Being the Alpha-Geek-Nerd that I am, I decided to go through the whole add ons section, (recommend at least two days off). Then I found the add-on for TSG read a bit about them and then went to the site, liked what I saw and added the 'add-on',. Glad I did! Sorry about the long post, I do hope this gets you going.
http://www.grc.com
click on the "Shields Up" logo, then scroll down to "Hot Spots", and click on the "Shields Up". This is a very excellent place to start with port security. You will find out where the leaks are at, whether it is open, failed, passed, or stealth, and how to secure them. Just take your time, browse, and enjoy the site. I have been using this site for many years, and have had a lot of success using it for other peoples pc's. :up:
But TSG is the best for any kind of answer. I kinda stumbled on the site when I D/L'd Firefox. Being the Alpha-Geek-Nerd that I am, I decided to go through the whole add ons section, (recommend at least two days off). Then I found the add-on for TSG read a bit about them and then went to the site, liked what I saw and added the 'add-on',. Glad I did! Sorry about the long post, I do hope this gets you going.
1 - 4 of 4 Posts
- Status
- Not open for further replies.
Tech Support Guy
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Explore Our Forums
