Someone keeps port scanning me :(

Discussion in 'Windows, Linux & Others on the Mac' started by contoursvt, Oct 4, 2009.

  1. macrumors 6502a

    Joined:
    Jul 22, 2005
    #1
    ...or at least this is what I see in my firewall logs often (there are hundreds of these)


    10/03/2009 12:53:15.288 - Possible Port Scan - Source:74.86.98.223, 56025, WAN

    10/03/2009 13:42:59.176 - Possible Port Scan - Source:74.86.98.223, 56025, WAN

    10/03/2009 13:59:19.320 - Possible Port Scan - Source:74.86.98.223, 56025, WAN

    10/03/2009 20:15:21.400 - Probable Port Scan - Source:74.86.98.223, 56025, WAN

    10/04/2009 02:12:49.848 - Ini Killer Attack Dropped - Source:74.86.98.223, 56025, WAN

    10/04/2009 02:18:28.304 - Probable Port Scan - Source:74.86.98.223, 56025, WAN


    So I did a trace route and it goes back to a place called softlayer.com

    I did a port scan back to see if I could identify at least what was doing this and I found a terminal services port open. If I connect to that IP, I get greeted by a windows server 2003 R2 box.

    Whats my best course of action at this point? I initially thought of releasing and renewing my IP from my ISP but it keeps giving me the same IP back. Should I just give them a call?

    Any suggestions welcome
     
  2. macrumors 6502a

    electroshock

    Joined:
    Sep 7, 2009
    #2
    For starters, make sure you're blocking anything from that IP (or even subnet if so inclined). Beyond that, unless they're actually doing damage or interfering with your service or bandwidth, not really much of a point to calling them or the ISP. Too many bigger fish to fry and not enough time/resources and all that jazz.

    Port scans by themselves aren't harmful, especially if all of your doors and windows are locked and properly secured. It's just a wannabe burglar jiggling the locks to see if something has been left open.
     

Share This Page