close

Privacy guaranteed - Your email is not shared with anyone.

Q about port attacks from the internet...

Discussion in 'Tech Talk' started by aircarver, Dec 29, 2005.

  1. aircarver

    aircarver Ride Continues Silver Member

    So DSL finally came to my area & I ditched the modems for a home network behind a router firewall.

    Reading the router logs, it's been under continuous attack from the internet since it was turned on. Appears to be a robotic pinging of ports in serial fashion, from a wide variety of IPs.

    My question is: it appears to be a small number of port numbers (33473 to 33509 serially, 1026 & 1027 a lot... 22, 137, 443 ) What's special about THESE ports that they keep recurring in the attack ?

    For educational purposes... I don't think I have a problem, since the router firewall is bouncing all of these. Any suggestions on things I should tighten up on in the firewall settings ?

    Thanks,
     
  2. Toyman

    Toyman

    2,599
    33
    May 6, 2003
    West Michigan
    Not a lot special about the ports really, but some are used for specific things, like 137 is used by Windows for the NetBIOS Name Service (Windows Networking). For example, if you didn't have a firewall and had File Sharing on, I could possibly simply query your computer and access your files, all of that would start off on port 137.

    443 is SSL Encrypted HTTP, etc.

    It's most likely that the ports being scanned are associated with various known security holes, which if left unpatched would possibly give a hacker a way in.
     

  3. aircarver

    aircarver Ride Continues Silver Member

    Thanks guys !!

    It was informative.

    [Contemplates how to send a 440 volt e-mail to the port probers......]

    ;f