What is this?

jannier

jannier

Expert Member
Joined
Jul 31, 2005
Messages
2,482
Reaction score
536
Location
Cape Town
Hi,

Can the clever guys who know please tell me what this is, and if I should worry, and what to do if it is a threat.
I run Avast Free Antivirus v8.x.
Win7 X64
Windows firewall is on
PC is connected to NAT'ed router.

The router firewall log is showing this:
I replaced the last few digits of my IP with xxx

Jun 8 15:32:15 HackAttack: [SPI:Illegal connection state attack] TCP packet from [ppp0] 74.125.233.63:443 to 105.236.xxx.xxx:51138
Jun 8 15:32:15 HackAttack: [SPI:Illegal connection state attack] TCP packet from [ppp0] 74.125.233.63:443 to 105.236.xxx.xxx:51139
Jun 8 15:34:05 HackAttack: [SPI:Illegal connection state attack] TCP packet from [ppp0] 68.64.146.210:80 to 105.236.xxx.xxx:51206
Jun 8 15:42:30 HackAttack: [SPI:Illegal connection state attack] TCP packet from [ppp0] 199.16.156.40:80 to 105.236.xxx.xxx:51516
Jun 8 15:45:18 HackAttack: [SPI:Illegal connection state attack] TCP packet from [ppp0] 68.64.146.210:80 to 105.236.xxx.xxx:51557
 
Hi There,
Looks like someone is trying to get into your computer.
What is Avast saying?
Have you done any scans and what settings have you go on in Avast?
Obviously keep your Avast software up to date and make sure that you scan regularly

Regards

Tim
 
Hi Tim,

AVAST is up to date, and not complaining.
Even did a full online and off line scan.

I did some research and I found that I can ignore most of these, some are harmless pings, others can be port scans.
The router successfully denied access.

I also did a "shields up" test and it reported my computer is totally safe, not visible on the net to hackers.
https://www.grc.com/x/ne.dll?bh0bkyd2
 
lol...

That is a misconfiguration rule set ;)

That address is google

Host Name: jnb01s01-in-f31.1e100.net
IP address is numbered 74.125.233.63.
This IP address is active in United States, and refers to Mountain View, California.
IP Country code is US. IP address ISP is "Google", organization is "Google".
It's hostname is jnb01s01-in-f31.1e100.net.
IP address latitude is 37.419201 and longitude is -122.057404. Postal code of this IP is 94043 and area code is 650.

You might want to disable remote services and ... netbios :rolleyes:
 
Last edited:
They are disabled.
First thing I do when I install OS.

I have no rule set/s configured anywhere.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X