Intego Firewall Log - Can someone interpret, please?

Discussion in 'Mac Apps and Mac App Store' started by BigMacNApples, Jan 23, 2011.

  1. BigMacNApples macrumors newbie

    Joined:
    Jan 23, 2011
    #1
    Hi, I'm a Mac noob, having only used an iMac under a year.

    I've installed Intego VirusBarrier X6, cuz I'm one of those security-worry types.

    Recently, around midnight, while my iMac is in sleep mode, my Intego Firewall Log shows that it's blocking an incoming connection from within a network, particularly a house tenant's Windows HP laptop.

    The source is the tenant's computer. And for about an hour, incrementally different ports from his computer tries to interact with my destination ports (135, 139, and 445), using a TCP SMB/CIFS Windows service file, TCP Microsoft Domain Server, or his TCP Port 135.

    Now I don't want to be rude and confront him while looking all paranoid.

    Could someone tell me what my log means? Am I being hacked? Is his computer infected? Or is it standard for computers to "sniff" each other out?

    Thank you,
    BigMacNApples
     
  2. BigMacNApples thread starter macrumors newbie

    Joined:
    Jan 23, 2011
    #2
    Attached is a screenshot of the log.

    Thanks.
     

    Attached Files:

  3. munkery, Jan 23, 2011
    Last edited: Jan 23, 2011

    munkery macrumors 68020

    munkery

    Joined:
    Dec 18, 2006
    #3
    Ports 135, 139, and 445 are associated with the most commonly exploited services in Windows NT based operating systems (includes XP, Vista, & 7). I think it is fair to suggest that his machine might be a host to malware that is attempting to spread within the network.

    It may be something else? Possibly related to Windows "Homegroups" for media sharing? I think WMP uses port 445 with the SMB protocol.

    These are not the default ports used for service discovery (to "sniff" each other out).

    It is highly unlikely you are being hacked. FYI, more about Mac OS X firewalling -> 1 & 2
     
  4. BigMacNApples thread starter macrumors newbie

    Joined:
    Jan 23, 2011
    #4
    Thank you.

    I'll take note of that.

    Now I'll have to check my other Windows computers.

    -BMnA
     

Share This Page