[Dshield] Need Some Help Please

Joseph Stahley 3rd jestahley3 at cox.net
Sat Jan 17 00:51:26 GMT 2004


Below is a portion of my incoming log from yesterday. I noticed quite a few
hits from some of the problem ports. Was wondering if I could get some
feedback as to fixing these or my setup. My setup consists of the following:
 
 I'm on Cox HSI using a cable modem, I have a Linksys Router (BEFSR41 4-port
cable/dsl firmware version 1.45.7 Jul 31,2003) linked to 3 other computers
in the house, one running Win2k Pro and 2 running WINXP Pro, with MS Office
2003 on all 3. Non of the computers are static ip at the moment (maybe part
of the cause). 
 
I also have all computers up to date with latest service packs, hotfixes and
patches, including the KB833330 blaster worm tool installed.Latest Virus
definitions and scans up to date, all adaware scans up to date as well.
 
My router is the DMZ and has DHCP server enabled. Block Wan,Multicast Pass
Through,IPSec and PPTP pass throughs are enabled. I am not running any IIS,
SQL or exchange servers as well. At this time I am not forwarding any ports
that I am aware of through the linksys setup page.
 
I'm thinking maybe I should do the following:
 
1. Setup Static Ip's
2. Install Norton Internet Security 2003 on all machines
 
Any help would be appreciated,
 
Thanks in adavance,
 
Joseph
 
IO	 SOURCE IP	 URL	 LPORT	 LOCAL IP	 DPORT	
I	 4.8.142.16	  	 3498	 68.8.122.110	 135	
I	 63.212.149.117	  	 1529	 68.8.122.110	 135	
I	 65.230.184.111	  	 3915	 68.8.122.110	 135	
I	 67.225.126.243	  	 3510	 68.8.122.110	 135	
I	 67.234.10.187	 1cust187.tnt29.dfw9.da.uu.net	 3553
68.8.122.110	 135	
I	 67.234.71.16	 1cust16.tnt26.dfw9.da.uu.net	 1627
68.8.122.110	 135	
I	 67.234.77.38	 1cust38.tnt32.dfw9.da.uu.net	 3402
68.8.122.110	 135	
I	 67.240.20.51	  	 3943	 68.8.122.110	 135	
I	 67.249.230.178	 1cust178.tnt43.dca5.da.uu.net	 3554
68.8.122.110	 135	
I	 67.251.42.90	  	 4925	 68.8.122.110	 135	
I	 67.38.242.72	  	 4765	 68.8.122.110	 135	
I	 67.39.33.235	  	 2345	 68.8.122.110	 135	
I	 67.74.65.203	  	 2753	 68.8.122.110	 135	
I	 67.8.157.151	 151.157.8.67.cfl.rr.com	 4883
68.8.122.110	 135	
I	 200.95.61.10	  	 61770	 68.8.122.110	 137	
I	 203.170.209.2	 !	 61371	 68.8.122.110	 137	
I	 203.177.108.58	 !	 1026	 68.8.122.110	 137	
I	 203.242.245.134	 client	 1028	 68.8.122.110	 137	
I	 211.168.79.59	 !	 1027	 68.8.122.110	 137	
I	 218.15.236.94	 hjxx-q0iydhzioq	 65393	 68.8.122.110	 137

I	 218.72.205.171	 b	 1027	 68.8.122.110	 137	
I	 218.88.119.188	 master	 1025	 68.8.122.110	 137	
I	 218.89.55.213	 !	 10339	 68.8.122.110	 137	
I	 218.9.209.130	  	 1025	 68.8.122.110	 137	
I	 219.133.17.179	 !	 1026	 68.8.122.110	 137	
I	 61.202.80.132	 n080132.ppp.dion.ne.jp	 1034	 68.8.122.110	 137

I	 64.228.108.154	 toronto-ppp221845.sympatico.ca	 1026
68.8.122.110	 137	
I	 80.50.54.182	 pw182.neoplus.adsl.tpnet.pl	 1031
68.8.122.110	 137	
I	 81.196.44.104	 81.196.44.104.rdsor.ro	 1026	 68.8.122.110	 137

I	 202.57.71.124	 adsl-57.71.124.info.com.ph	 4734
68.8.122.110	 139	
I	 202.57.71.124	 adsl-57.71.124.info.com.ph	 4734
68.8.122.110	 139	
I	 67.38.242.72	  	 4107	 68.8.122.110	 445	
I	 67.39.33.235	  	 2535	 68.8.122.110	 445	
I	 68.8.101.219	 ip68-8-101-219.sd.sd.cox.net	 3230
68.8.122.110	 445	
I	 68.8.124.77	 ip68-8-124-77.sd.sd.cox.net	 3668
68.8.122.110	 445	
I	 68.8.124.77	 ip68-8-124-77.sd.sd.cox.net	 3668
68.8.122.110	 445	
I	 68.8.150.214	 ip68-8-150-214.sd.sd.cox.net	 4165
68.8.122.110	 445	
I	 68.8.163.77	 ip68-8-163-77.sd.sd.cox.net	 3383
68.8.122.110	 445	
I	 68.8.179.252	 ip68-8-179-252.sd.sd.cox.net	 2160
68.8.122.110	 445	
I	 68.8.187.211	 ip68-8-187-211.sd.sd.cox.net	 3923
68.8.122.110	 445	
I	 68.8.191.170	 ip68-8-191-170.sd.sd.cox.net	 3072
68.8.122.110	 445	
I	 68.8.61.75	 ip68-8-61-75.sd.sd.cox.net	 1098
68.8.122.110	 445	
I	 68.8.70.210	 ip68-8-70-210.sd.sd.cox.net	 4097
68.8.122.110	 445	
I	 68.8.82.139	 ip68-8-82-139.sd.sd.cox.net	 4481
68.8.122.110	 445	
I	 68.8.82.139	 ip68-8-82-139.sd.sd.cox.net	 1537
68.8.122.110	 445	
I	 67.82.178.211	 ool-4352b2d3.dyn.optonline.net	 3490
68.8.122.110	 901	
I	 199.105.117.115	 tthhgg-gvsvy95k	 4849
68.8.122.110	 1026	
I	 203.255.3.247	 !	 21221	 68.8.122.110	 1026	
I	 209.187.118.2	 ooccnn-wgta3yls	 2702	 68.8.122.110
1026	
I	 209.187.118.2	 ooccnn-wgta3yls	 1139	 68.8.122.110
1026	
I	 67.171.164.161	  	 3120	 68.8.122.110	 1243	
I	 202.108.249.21	 !	 1055	 68.8.122.110	 1434	
I	 202.188.40.126	 klg-40-126.tm.net.my	 3192	 68.8.122.110
1434	
I	 81.134.55.232	  	 3230	 68.8.122.110	 1434	
I	 63.207.13.128	  	 113	 68.8.122.110	 3095	
I	 24.168.227.9	 cae168-227-009.sc.rr.com	 2179
68.8.122.110	 17300	
 



More information about the list mailing list