Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Port Scanning - ESAT

  • 31-03-2004 5:17pm
    #1
    brian_ire
    Registered Users Posts: 246 ✭✭


    Hi there, im on IOL BB and today my ports have been scanned over 50 times in less than an hour. I dont claim to know much about what a port scan in fact i dont know what a port scan is but i checked up the IP address and its coming from ESAT

    My firewall is telling me this "Somebody is scanning your computer.
    Your computer's TCP ports:
    1025, 6129, 135, 2745 and 3127 have been scanned from 213.202.145.79."

    On looking up the IP address i found this : "213.202.145.79 resolves to 213-202-145-79.dsl.esat.net"

    Any ideas what this is?


Comments

  • #2
    kida
    Closed Accounts Posts: 1,456 ✭✭✭kida


    looks like someone one the esat n/w is either consciously or not scanning open ports. Could be deliberate or could be an infected machine. I would report it to IOL,


  • #3
    Mutant_Fruit
    Closed Accounts Posts: 4,943 ✭✭✭Mutant_Fruit


    make sure you have the lastest windows patches and updates, it could be a trojan/virus thing scanning for computers to infect.


  • #4
    tuxy
    Closed Accounts Posts: 14,983 ✭✭✭✭tuxy


    probably someone looking for pc's infected with trojans
    port scans are harmless once your system is clean


  • #5
    brian_ire
    Registered Users Posts: 246 ✭✭brian_ire


    thanks guys, fired off an email to IOL there, see what the have to say. Think i might just give the computer a virus check aswell to be sure. :D


  • #6
    [Deleted User]
    Posts: 3,621 ✭✭✭ [Deleted User]


    Originally posted by kida
    looks like someone one the esat n/w is either consciously or not scanning open ports. Could be deliberate or could be an infected machine. I would report it to IOL,

    lol good luck.

    If IOL spend nearly two months in giving you broadband you ordered, what do you think the chances are they will make any sort of affirmative action on that?
    Especially when it doesn't involve giving them money.


  • Advertisement
  • #7
    Hugh_C
    Registered Users, Registered Users 2 Posts: 2,852 ✭✭✭Hugh_C


    Originally posted by brian_ire
    My firewall is telling me this "Somebody is scanning your computer.
    Your computer's TCP ports:
    1025, 6129, 135, 2745 and 3127 have been scanned from 213.202.145.79."

    Here's what the ports are used for...


    blackjack 1025/tcp network blackjack
    blackjack 1025/udp network blackjack

    # 6124-6140 Unassigned

    although 6129 is used by DameWare as an NT remote admin service

    epmap 135/tcp DCE endpoint resolution
    epmap 135/udp DCE endpoint resolution

    urbisnet 2745/tcp URBISNET
    urbisnet 2745/udp URBISNET
    # Urbis.Net Ltd <postmaster@urbis.net>

    a13-an 3125/tcp A13-AN Interface
    a13-an 3125/udp A13-AN Interface
    # Douglas Knisely <dnk@lucent.com>

    A bit of googling can tell you a bit more. One thing is for sure, whoever's doing it wants in.


  • #8
    brian_ire
    Registered Users Posts: 246 ✭✭brian_ire


    thanks hughchal, it don't really make much sense to me but ill take your word for it. and guess what, IOL didnt reply to my email... the SHOCK!


  • #9
    JHMEG
    Closed Accounts Posts: 7,686 ✭✭✭JHMEG


    Another thing that might be scanned for on the IOL network is the web admin interface for the ZyXEL DSL modem they give out: they do not disable access to the web interface from the outside world, nor do they change the default password on them either. An accident waiting to happen IMHO...


Advertisement