The last several days I’ve been getting quite a few notices from my Norton SystemWorks about attempts to access my computer by “worms.” The most recent was earlier this afternoon:
Details: Attempted Intrusion “Portscan” against your machine was detected and blocked.
Intruder: 7.12.12.16(13364).
Risk Level: Medium.
Protocol: UDP.
Attacked IP: PDDOC-G5G26QUAN(207.119.206.249).
Attacked Port: 1034.
Click the address to trace the attacker.
Details: Intrusion detected and blocked. All communication with 7.12.12.16 will be blocked for 30 minutes.
The notices were somewhat lacking in information about the worms and I’m not very knowledgeable about computer worms, so I decided to google it using the words portscan and worm.
It turns out, as I now understand it, that there are a number of different software “ports” for computers used for various kinds of communication. For instance, one “port” might be used for outgoing e-mail and others are used for incoming e-mail, instant messaging, etc.
A portscan worm is a probe coming in from the internet that scans these ports looking for opportunities to enter a vulnerable computer and do its dirty work.
I can’t think of anything good about this, except that SystemWorks appears to be successful in stopping it — for now.
Post from one of my abandoned blogs – North Farnham Freeholder – recovered from Internet Archive WayBackMachine March 2011
Click for Exit78 Pinterest policy.
Comments on this entry are closed.
{ 1 trackback }