General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsHas anyone here noticed an increased amount of TCP and UDP port scanning attacks?
brooklynite
(93,834 posts)alwaysinasnit
(5,037 posts)vulnerability of entry points on your computer from your internet connection.
The Velveteen Ocelot
(115,267 posts)alwaysinasnit
(5,037 posts)has been showing that it is coming from a bunch of different computer ids.
RainCaster
(10,673 posts)If my crappy dsl connection was any faster, I would likely have more. I do block large geo IP blocks from China, NK RU and others. That seems to help.
sarah FAILIN
(2,857 posts)And how long back do you keep your records?
This is interesting
alwaysinasnit
(5,037 posts)sarah FAILIN
(2,857 posts)None of us would know what it was which makes me wonder why it was asked here.
Something about leaving the door open to Internet traffic and having more open than your security can cover and hackers get in. At least that's how I understood it.
nini
(16,670 posts)if that is what you mean :/
The Velveteen Ocelot
(115,267 posts)I have noticed, however, that the mosquitoes are especially aggressive tonight.
alwaysinasnit
(5,037 posts)defacto7
(13,485 posts)I haven't noticed anything unusual. Just the normal 24/7 inundation I've had for years. No one gets in though.
To add: I limit the number of port requests within one second from the same ip address to 3. If that's exceeded the ip is tared (blocked) for 30 minutes. If it happens repeatedly the ip is blacklisted for 30 days. It seems to serve my purpose. I haven't experienced the "work around" to any concerning extent.
alwaysinasnit
(5,037 posts)My software is blocking them but it is the increased activity and the many different computer IDs that these attacks are coming from that is unusual. Given the cyber shenanigans out there, would it be paranoid of me to think that any of this activity could be related to something other than the usual viruses out there?
defacto7
(13,485 posts)It's the way of things these days. I just added an edit to my last post with some info. The port scans are sometimes from your own provider, many are legit requsts, sometimes from script kiddies, virus activity and many times from nefarious others in the form of bots. Most of my repeated scans are from Russia and China but the range of ips are vast.
As long as they are kept at bay, they aren't the worst type of intrusion. The worst are the ones let in by our own mistakes.
alwaysinasnit
(5,037 posts)opened my eyes to more sources of entry attempts.
Recursion
(56,582 posts)These things come and go in waves