? Port Scanning ?

[ashiezai 0]

hello there .. i might need some help from u guys..actually this problem existed a long time ago .. but nothing serious happens so i ignore it often ..my sygate firewall often detects incoming port scan from a remote host .. everytime when i connect to internet .. there comes the port scanning ..but i've my norton n spybot updated n scanned very often and couldnt find any trojan or anything ..i've tried to backtrace the ip but failed .. is there any thing i can do ? i just try to ping the remote host .. anyway i can send a msg to the ip ?now im just pinging the remote host but i couldnt think the reason y im doing this

[2091 0]

i think u shuld try a "whois" ... else u have to figure out, what kind of proxy the "attacker" use. then u can send a notification to the proxy and they'll block the ip from him

[dawu 0]

This is nothing serious, just ignore it.Random people scan random IPs for open ports, if you have your ports closed then you have nothing to be afraid of.Tracing the IP, why? A bored guy decided to scan IPs, ranged x.x.x.x - x.x.x.x for specific ports, if he finds any he will probably try to abuse them, but he will most likely fail, because these guys are just lame.You should be alerter if you get numerous attempts from the same IP, then try to contact it.

[ashiezai 0]

each time i online .. there'll be 3 attempts of port scanning by a specific ipand each time the ip is different and each attempt will scan 5 ports of mine ..so how to i 'whois' them ?

[dawu 0]

like I said, that is harmless.I used to get from around 300 - even 800 hits per day...anyway, if you so want to whois them....you basicly can't, you can traceroute them to see where the IP is coming from, ping them to see if they are alive and scan them back for ports and OS.