[Dshield] port 137 probes
rilya1 at yahoo.com
Mon Nov 18 13:59:52 GMT 2002
According to the IANA master port list, 10254 is
unassigned. But the CPU spikes are happening to me,
too, and I think that's a big part of my problem.
As for Norton's firewall, it has great logging
capabilities but is very leaky, as I found out the
hard way last year. I had stringent rules in place
against a number of IPs but when I looked at my logs,
I'd see a lot of "Rule Block <whatever> ignored".
YIKES! Now I use either ZoneAlarm Pro, Sygate Pro, or
Outpost (depending on my mood, LOL).
--- Gravyface <gravyface at bmfsquad.com> wrote:
> I'm in the same boat except that my UDP probes are
> at about 6000+ daily
> against port 10254 -- a port that I can find ZERO
> information on.
> I have the latest signature files from Norton and
> have completed two full
> system scans. The port is blocked but the incessant
> hammering is causing my
> cpu usage to spike.
> ----- Original Message -----
> From: "rilya byor" <rilya1 at yahoo.com>
> To: <list at dshield.org>
> Sent: Saturday, November 16, 2002 11:47 PM
> Subject: [Dshield] port 137 probes
> > Help... I've lately been logging hundreds of port
> > probes a day, which I understand are coming from
> > Tanatos/Bugbear worm. Of course, I have netbios
> > disabled and ports 137-138-139 stealthed, but I'm
> > having a terrible time maintaining a usable dialup
> > connection; I log on and a few minutes later the
> > connection freezes up and I have to redial again,
> > again... Is all this port 137 activity the cause
> > this? My ISP has no explanation (but what do they
> > know...) If so, what can I do to prevent it? My
> > phone bill is going to be astronomical if this
> > up.
> > Tnx,
> > Rilya1
> > __________________________________________________
> > Do you Yahoo!?
> > Yahoo! Web Hosting - Let the expert host your site
> > http://webhosting.yahoo.com
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or
> unsubscribe), see:
Do you Yahoo!?
Yahoo! Web Hosting - Let the expert host your site
More information about the list