IP attacks on my computer

  • Thread starter Thread starter Solitary Soul
  • Start date Start date
S

Solitary Soul

Hi Gang,

Norton Firewall keeps popping up with warnings:

"A remote computer is attempting to establish a connection
with your computer"

The IP address of the computer trying this is 172.155.43.131:1992

In the past (since Dec. 31), it's been as follows:
Remote Address: 68.192.121.187:2823
Remote Address: 68.192.121.187:2110
Remote Address: 200.115.199.227:3041
Remote Address: 204.168.52.154:1185
Remote Address: 67.11.203.250:6979
Remote Address: 66.65.135.79:13199
Remote Address: 68.84.44.175:1736
Remote Address: 81.166.184.93:3799
Remote Address: 199.183.76.50:0

Who is attacking my computer?
... and is there anyone that I can report them to?


Thanks,

Solitary Soul
=======================
 
Norton Firewall keeps popping up with warnings:

"A remote computer is attempting to establish a connection
with your computer"

The IP address of the computer trying this is 172.155.43.131:1992

In the past (since Dec. 31), it's been as follows:
Remote Address: 68.192.121.187:2823
Remote Address: 68.192.121.187:2110
Remote Address: 200.115.199.227:3041
Remote Address: 204.168.52.154:1185
Remote Address: 67.11.203.250:6979
Remote Address: 66.65.135.79:13199
Remote Address: 68.84.44.175:1736
Remote Address: 81.166.184.93:3799
Remote Address: 199.183.76.50:0

Who is attacking my computer?
... and is there anyone that I can report them to?
Click to expand...
You've got a number of IPs there. Some can be traced back
(Easysurf, RoadRunner eg). Others are not obvious but could be tracked
down. Bottom line is that it is not one attacker. It is many.

Somewhere some machines are infected with something and are trying to
access your machine (and other machines). Norton Internet Firewall is
keeping them out. This is an example of the general crud that is
floating around the Internet. I wouldn't worry about it too much.

Cheers,

Cliff
 
Do a search for "ip trace" and you will get hits on different trace
engines. Or you can just try this one,
http://www.ip-to-location.com/free.asp it's a commercial service but
you can do 20 free lookups per day and it has a good trace method,
giving you the ISP and the city where the server is located. Some of
the other trace engines don't give as much details. Also drop the colon
and everything after for the search, these are not part of the IP
address, ie don't search 68.192.121.187:2823 search 68.192.121.187

However, as the other poster has said what difference will it make if
you know where it comes from other than satisfying your curiosity? Your
firewall is doing its job. But if your getting constant probes from the
same IP then you may have grounds to complain to the ISP and have a
hacker removed.

John
 
I have to track down a LOT of intrusions on our network
here at work and a great source to look these up is at
www.arin.net

Not only will it tell you who(which ISP) assigned the IP
address, but it almost always has an abuse e-mail address
listed for that ISP that you can write to to report the
offenses.

But like someone else posted - this is "normal" internet
activity. There are probably millions of computers out
there with small viruses that are being used by hackers
and script kiddies to do some things such as this. Don't
be overly concerned with it because it's never going to go
away.
 
Do a search for "ip trace" and you will get hits on different trace
engines. Or you can just try this one,
http://www.ip-to-location.com/free.asp it's a commercial service but
you can do 20 free lookups per day and it has a good trace method,
giving you the ISP and the city where the server is located. Some of
the other trace engines don't give as much details. Also drop the colon
and everything after for the search, these are not part of the IP
address, ie don't search 68.192.121.187:2823 search 68.192.121.187

However, as the other poster has said what difference will it make if
you know where it comes from other than satisfying your curiosity? Your
firewall is doing its job. But if your getting constant probes from the
same IP then you may have grounds to complain to the ISP and have a
hacker removed.

John
Click to expand...

I'm getting hit again, as I type this.

THANKS for the info, John!


Solitary Soul
=======================
 
Do a search for "ip trace" and you will get hits on different trace
engines. Or you can just try this one,
http://www.ip-to-location.com/free.asp it's a commercial service but
you can do 20 free lookups per day and it has a good trace method,
giving you the ISP and the city where the server is located. Some of
the other trace engines don't give as much details. Also drop the colon
and everything after for the search, these are not part of the IP
address, ie don't search 68.192.121.187:2823 search 68.192.121.187

However, as the other poster has said what difference will it make if
you know where it comes from other than satisfying your curiosity? Your
firewall is doing its job. But if your getting constant probes from the
same IP then you may have grounds to complain to the ISP and have a
hacker removed.

John
Click to expand...

I performed a trace on the IP addy that was hitting me the most
and alerted the ISP.


Thanks John!


Solitary Soul
=======================
 
I have to track down a LOT of intrusions on our network
here at work and a great source to look these up is at
www.arin.net

Not only will it tell you who(which ISP) assigned the IP
address, but it almost always has an abuse e-mail address
listed for that ISP that you can write to to report the
offenses.

But like someone else posted - this is "normal" internet
activity. There are probably millions of computers out
there with small viruses that are being used by hackers
and script kiddies to do some things such as this. Don't
be overly concerned with it because it's never going to go
away.
Click to expand...

Thanks for the response - I've got this site bookmarked,
along with the one John gave me.


Solitary Soul
=======================
 
Back
Top