Forum Articles
  Welcome back Join CF
You are here You are here: Home | Forum | Firewall allowing connection

You are currently viewing our boards as a guest which gives you limited access to view most of the discussions, articles and other free features. By joining our Virgin Media community you will have full access to all discussions, be able to view and post threads, communicate privately with other members (PM), respond to polls, upload your own images/photos, and access many other special features. Registration is fast, simple and absolutely free so please join our community today.


Welcome to Cable Forum
Go Back   Cable Forum > Computers & IT > General IT Discussion
Reload this Page Firewall allowing connection
Register FAQ Community Calendar

Firewall allowing connection
Reply
Page 3 of 3 12 3
 
Thread Tools
Old 14-08-2003, 11:18   #31
Taf
cf.mega poster
 
Taf's Avatar
 
Join Date: Jun 2003
Location: Kairdiff-by-the-sea
Age: 69
Services: TVXL BBXL Superhub 2ac (wired) 1Tb Tivo
Posts: 10,367
Taf has a nice shiny starTaf has a nice shiny starTaf has a nice shiny starTaf has a nice shiny star
Taf has a nice shiny starTaf has a nice shiny starTaf has a nice shiny starTaf has a nice shiny starTaf has a nice shiny starTaf has a nice shiny starTaf has a nice shiny starTaf has a nice shiny starTaf has a nice shiny starTaf has a nice shiny starTaf has a nice shiny starTaf has a nice shiny starTaf has a nice shiny star
It's still happening:

Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 pc1-clif2-5-cust97.nott.cable.ntl.com 3500 Inbound TCP 0 bytes 0 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:44 cache1.ntli.net DNS Outbound UDP 5870 bytes 1061 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 pc1-clif2-5-cust97.nott.cable.ntl.com 3500 Inbound TCP 0 bytes 0 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 pc1-derb2-5-cust208.nott.cable.ntl.com 3800 Inbound TCP 60 bytes 72 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 pc3-bary1-6-cust113.cdif.cable.ntl.com 4758 Inbound TCP 60 bytes 72 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 81-86-170-247.dsl.pipex.com 1857 Inbound TCP 60 bytes 72 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 pc1-leic4-3-cust105.nott.cable.ntl.com 2284 Inbound TCP 60 bytes 72 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 81-86-228-6.dsl.pipex.com 2993 Inbound TCP 0 bytes 0 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 pc1-stme1-5-cust56.cdif.cable.ntl.com 3817 Inbound TCP 100 bytes 1776 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 pc1-ldry1-3-cust145.blfs.cable.ntl.com 2872 Inbound TCP 0 bytes 0 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 pc1-glfd2-6-cust226.glfd.cable.ntl.com 3182 Inbound TCP 0 bytes 0 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 pc1-bolt5-5-cust139.mant.cable.ntl.com 3370 Inbound TCP 60 bytes 72 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 pc4-bsfd2-4-cust103.cmbg.cable.ntl.com 1741 Inbound TCP 0 bytes 0 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 pc1-with1-4-cust109.bagu.cable.ntl.com 3878 Inbound TCP 0 bytes 0 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 pc1-darl2-6-cust19.midd.cable.ntl.com 3955 Inbound TCP 0 bytes 0 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 pc3-blfs2-6-cust208.blfs.cable.ntl.com 4658 Inbound TCP 0 bytes 0 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 pc3-bary1-6-cust113.cdif.cable.ntl.com 4501 Inbound TCP 0 bytes 0 bytes
Allow activity for application SVCHOST.EXE SVCHOST.EXE 14/08/2003 09:27:21 pc4-ely11-4-cust40.cdif.cable.ntl.com 1685 Inbound TCP 0 bytes 0 bytes
Taf is offline   Reply With Quote
Advertisement
Old 28-08-2003, 12:14   #32
MadGamer
Inactive
 
MadGamer's Avatar
 
Join Date: Jun 2003
Location: Essex
Age: 37
Services: Sky multiroom (Sky Q) Sky Fibre Unlimited Sky Landline
Posts: 8,851
MadGamer has a nice shiny star
MadGamer has a nice shiny starMadGamer has a nice shiny star
Right i have updated my virus definations and done an anti virus scan on my PC. I also used the msblaster tool to check weather i had been affected or not. is there anything else i should do to protect myself?
MadGamer is offline   Reply With Quote
Old 28-08-2003, 15:54   #33
ntluser
Inactive
 
ntluser's Avatar
 
Join Date: Jun 2003
Location: Manchester
Age: 78
Services: Virgin Media XL Telephone,TV with Tivo box & Superhub3 upto 150Mb Broadband, Sky World, & Freeview+
Posts: 1,901
ntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of society
I use the Outpost firewall and have Windows 98 SE. When I recently tested my computer against the Shields Up testing at Steve Gibson's site I was told that all my ports were stealthed apart from 110 and 143, which were shown as 'closed'.

As I wanted all ports to be 'stealthed' I went to the outpost options, selected the application tab and removed all the trusted applications. When I retried the test all ports were 'stealthed'.

Though 'stealth mode' means that your ports do not respond and therefore do not show they exist, it also means that you cannot have any trusted applications and all applications have to have rules written for them.

I think you might find that doing this will solve your problems, Taf.
ntluser is offline   Reply With Quote
Old 28-08-2003, 16:16   #34
Lord Nikon
Inactive
 
Join Date: Jun 2003
Location: NW UK
Posts: 3,546
Lord Nikon has a bronze arrayLord Nikon has a bronze arrayLord Nikon has a bronze array
Lord Nikon has a bronze arrayLord Nikon has a bronze arrayLord Nikon has a bronze arrayLord Nikon has a bronze arrayLord Nikon has a bronze arrayLord Nikon has a bronze arrayLord Nikon has a bronze arrayLord Nikon has a bronze arrayLord Nikon has a bronze arrayLord Nikon has a bronze arrayLord Nikon has a bronze array
Actually, I use Sygate Pro and have trusted apps, all ports STILL show stealthed
Lord Nikon is offline   Reply With Quote
Old 28-08-2003, 16:44   #35
Chris
Trollsplatter
Cable Forum Team
 
Chris's Avatar
 
Join Date: Jun 2003
Location: North of Watford
Services: Humane elimination of all common Internet pests
Posts: 38,301
Chris has a golden auraChris has a golden auraChris has a golden auraChris has a golden auraChris has a golden aura
Chris has a golden auraChris has a golden auraChris has a golden auraChris has a golden auraChris has a golden auraChris has a golden auraChris has a golden auraChris has a golden auraChris has a golden auraChris has a golden aura
svchost.exe is a windows system file targeted for attack by the msblast virus. Ensure your firewall is set to block absolutely everything (I'm assuming you're not running anything for which you would actually want anyone to be able to access your PC remotely) and that should keep you covered.

I noticed that the majority of hits stopped by my firewall in recent days were from other ntl customers. Interesting to find out why...

As to what they're doing about it, you should have had an email from them warning you about the msblast virus and explaining where to go to get a windows patch to protect yourself, and where to get a fix if you're infected.
Chris is offline   Reply With Quote
Old 28-08-2003, 16:46   #36
ntluser
Inactive
 
ntluser's Avatar
 
Join Date: Jun 2003
Location: Manchester
Age: 78
Services: Virgin Media XL Telephone,TV with Tivo box & Superhub3 upto 150Mb Broadband, Sky World, & Freeview+
Posts: 1,901
ntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of societyntluser is a pillar of society
Quote:
Originally posted by Lord Nikon
Actually, I use Sygate Pro and have trusted apps, all ports STILL show stealthed
Interesting. Maybe, with Outpost that would work too. I suppose it depends on which applications you trust, thus it might be possible to have stealthed ports and some trusted apps after all. Worth a little experimentation, methinks!!

Thanks for that!!
ntluser is offline   Reply With Quote
Old 28-06-2005, 20:20   #37
pallikhera
Inactive
 
Join Date: Jun 2005
Posts: 1
pallikhera is an unknown quantity at this point
Re: Firewall allowing connection
I have Norton Antivirus installed it just gave me a warning "port 1027 attempting inbound blah blah" and i blocked it and it never came back.
I installed IDman with browser integration this doesnt have to do anything with that,does it?....if i am way off sorry i am a fool.
pallikhera is offline   Reply With Quote
Old 28-06-2005, 21:22   #38
Gareth
cf.mega poster
 
Gareth's Avatar
 
Join Date: Dec 2003
Age: 50
Posts: 7,101
Gareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny stars
Gareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny stars
Re: Firewall allowing connection
Blimey, bit of an old thread to revive.

Welcome to the forum, by the way
Gareth is offline   Reply With Quote
Old 28-06-2005, 21:31   #39
AndrewJ
Inactive
 
AndrewJ's Avatar
 
Join Date: Nov 2004
Posts: 7,737
AndrewJ has a nice shiny star
AndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny starAndrewJ has a nice shiny star
Re: Firewall allowing connection
Bump of the year award.

I am sure if you re-read the main of this thread you will get jist of it, generally the blaster worm tends to reboot your computer, by force by terminating a .exe system command process.

There is many patches on www.google.com if you search under msblast.exe patch.
AndrewJ is offline   Reply With Quote
Reply
Page 3 of 3 12 3

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 00:31.

Contact Us - Service Status - Cable Forum - Archive - Privacy Statement - Terms of Service - Top

Server: osmium.zmnt.uk
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2026, vBulletin Solutions Inc.
All Posts and Content are © Cable Forum
Copyright © 2026 Cable Forum Hosted On Hetzner Cloud