NIO and port scans - Part Deux

Earlier today I posted a problem I'm having with NIO dealing with port scans. I fixed the problem, but not I'm having a different problem.
I'm running a client/server app, working on the server. I make the connection to the server and do everything normally, everything's fine. However, if I make the connection and drop it in the middle the Selector just goes crazy and gets into an infinite loop and consumes vast amounts of system resources. It's like it's not paying attention to see if there's an IO on SelectorKey. It just does it's select() and keeps on going.
Does anyone know how I could tame the beast?
Thanks

Unfortunately for you, you felt compelled to cross-post this, so you're just wasting people's time.
http://forum.java.sun.com/thread.jsp?thread=457806&forum=4&message=2092226

Similar Messages

  • Symantec and port scan attacks

    I have found many post on the port scan attacks created by Symantec on client computers, however it seems my port scan attacks are being blocked on the Spiceworks server side.  All the clients are showing up in spiceworks with no scan errors, but when logged onto Spiceworks server there is a port scan attack every few minutes from the clients.
    This topic first appeared in the Spiceworks Community

    No. While the encryption of your wireless network is mandatory to protect other people in your proximity to access your network, computers, internet connection or eavesdrop your computers it has nothing to do with port scan attacks. Port scan attacks originate from the internet. The router will block those unless you have configured port forwardings on your router or a computer opened ports on the router through UPnP. This is because your router does NAT which makes the LAN unaccessible from the internet.
    Port scans are not really attacks but just the general "noise" in the internet. There is nothing you can do about it except not using the internet. As long as you don't have open ports there is nothing to worry about. And even if you have opened a port for instance for gaming it still depends on whether the program listening on that port is vulnerable or not.

  • Adding port and port scan

    Hello,
    I want to open a port (say 4010). Below is what I try...
    I go to System Preferences->Sharing->Firewall, and click New.
    Then I select PortName: Other, TCP Port Numer: 4010, UDP Port Numer: 4010, description: MyNewPort.
    I see that MyNewPort is checked and that the Firewall is On.
    I then open Network Utility, click on Port Scan tab, and scan 127.0.0.1 for ports between 4000 and 4020.
    It reports:
    Port Scan has started...
    Port Scanning host: 127.0.0.1
    Port Scan has complee...
    (it doesn't find 4010). Why? What's going on?
    help is welcome,
    Kamel

    well, what I've done is try to open a telnet session on port 4010 of localhost.
    I gave the error message resulting from this in my previous post.
    the program I mentioned that listens to port 4010 can actually be told to listen to any port. I want to check that it does in fact work by sending info to a port using telnet. As of now, I'm stuck at the point of getting telnet to send to the port.
    I think telnet fails because the port is NOT in fact open--since this is what is shown by the Network Utility port scan. But as described earlier, I've set it open in System Prefereneces->...->Firewall, and also in my router administration page.

  • HT201371 I have a brand new 5S running ios 7.04. There's no "Edit" button on the screen, no apparent way to delete a non-working scan and the scan part does nothing. ios bug or ???

    I have a brand new iPhone 5S running ios 7.04. I can't get the "Touch ID" to work and I'm convinced it's a software issue. I read Apple's post on the subject (iPhone 5s: Using Touch ID) and the screens they show in the article are NOT what I have on my phone. Mine has no "Edit" button and there appears to be no way to delete a failed scan. The rest of the OS seems to be okay - I've no idea what to do.

    I'm not sure why you are not seeing the Edit button. I have it on mine. However, you should be able to delete the finger by swiping it from right to left and a red delete button should appear.

  • Issues with McAfee IPS and HP PhotoSmart Premium C309g-m performing port scan

    Trying to run a HP PhotoSmart Premium C309g-m printer wirelessly and connect to a laptop computer with Windows 7 32-bit operating system.  Printer is available for about 3 and a half minutes and then is blocked by McAfee because the printer is trying to perform a UDP port scan.  The IP address of the printer is blocked for 10 minutes and then becomes available again.  After about 3 and a half minutes, the printer IP address is again blocked by McAfee IPS for 10 minutes and the cycle repeats again.  Goes on all day.  Difficult to get any work done.  Anyone have a fix to stop the port scans?  Thanks

    Hello JWB46,
    Welcome to the HP Forums!
    I understand when you scan a document, it takes longer and the background is black with horizontal white lines or a greenish background. I will do my best to assist you! First, I need to find out your operating system on your computer? Windows or Mac?
    How is this printer connected? Wireless or USB?
    Please make sure you have followed this entire HP document on Color or Brightness Level of Scanned Image is Not Correct. I would like to test out the hardware within your printer. Try copying a blank document on the scanner glass. Let me know if you have the same results. I will be looking forward to hearing from you. Have a great night!
    I worked on behalf of HP.

  • My MBP is port scanning, and I dont know why!

    Ever since this Tuesday at the office (we're all running macs) the internet keeps going down.
    I called the ISP, they told me that one of the machines looks like it has a virus running, one of them is port scanning- and that overflowed the router and froze it.
    Turns out its my personal MacBook Pro that matches the IP address he gave me. I was FTP'd into a server and downloading a website for backup.
    He said something like ports 4400- 58,000 were being scanned sequentially and that it seemed like there was a virus on the computer, I was shocked- and told him that we were all on macs. Perhaps the FTP client (called "fetch") failed to connect to one port and tried another and another ect. But, the tech guy also said that it wasn't on FTP protocol.
    Today I've been working on securing my machine. I stopped using the Wi-fi, turned on my firewall ( I know, bad idea to not have it on ) and installed ClamXav and Little Snitch.
    Perhaps I have some kind of malware? Is it too late?
    Help!

    Isp's always blame things on the mac when they don't know why something is happening to their network.
    You could launch Activity monitor and look at all the processes that are running. Sort it my cpu cycles. There could be an application stuck in update mode or one trying to phone home..like adobe updater.

  • How to report possible Port scanning and DOS/Fraggle Attack??

    I have been experiencing lag while surfing the internet. One temporary solution was to get a new IP from VZ but this fix was short lived. So I became curios and dtarted to log connection attempts to my router and noticed what I saw resembled port scans and even a Fraggle/DOS attack at times. I am posting my routers log below and would like to kno how to go about reporting this abuse and what I see as malicious activity?
    Mar 29 00:34:16.843: %SEC-6-IPACCESSLOGP: list 115 denied tcp 112.216.99.210(60289) -> .(443), 1 packet
    Mar 29 02:09:24.956: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(44315) -> .(80), 1 packet
    Mar 29 02:14:54.973: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(44315) -> .(80), 4 packets
    Mar 29 04:46:18.559: %SEC-6-IPACCESSLOGP: list 115 denied tcp 123.125.67.205(60157) -> .(80), 1 packet
    Mar 29 04:51:54.975: %SEC-6-IPACCESSLOGP: list 115 denied tcp 123.125.67.205(60157) -> .(80), 1 packet
    Mar 29 08:37:38.717: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(49683) -> .(80), 1 packet
    Mar 29 08:42:54.971: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(49683) -> .(80), 4 packets
    Mar 29 11:58:37.525: %SEC-6-IPACCESSLOGP: list 115 denied tcp 69.162.74.105(4529) -> .(80), 1 packet
    Mar 29 12:00:33.395: %SEC-6-IPACCESSLOGP: list 115 denied tcp 209.216.8.220(8615) -> .(443), 1 packet
    Mar 29 12:03:55.001: %SEC-6-IPACCESSLOGP: list 115 denied tcp 69.162.74.105(4529) -> .(80), 1 packet
    Mar 29 15:09:06.512: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(39516) -> (80), 1 packet
    Mar 29 15:14:54.971: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(39516) -> (80), 4 packets
    Mar 29 20:06:44.831: %SEC-6-IPACCESSLOGP: list 115 denied tcp 190.30.227.242(45712) -> .(80), 1 packet
    Mar 29 23:42:44.255: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(58914) -> .(80), 1 packet
    Mar 29 23:47:54.968: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(58914) -> .(80), 2 packets
    Mar 30 01:19:56.075: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48356) -> .(80), 1 packet
    Mar 30 01:25:54.971: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48356) -> .(80), 2 packets
    Mar 30 01:51:48.109: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(32276) -> .(80), 1 packet
    Mar 30 01:56:54.968: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(32276) -> .(80), 2 packets
    Mar 30 02:15:11.578: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48235) -> .(80), 1 packet
    Mar 30 02:20:54.969: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48235) -> .(80), 2 packets
    Mar 30 02:49:55.370: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(65092) -> .(80), 1 packet
    Mar 30 02:55:54.967: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(65092) -> .(80), 2 packets
    Mar 30 03:05:05.854: %SEC-6-IPACCESSLOGP: list 115 denied tcp 59.178.47.229(3152) -> .(23), 1 packet
    Mar 30 03:10:54.971: %SEC-6-IPACCESSLOGP: list 115 denied tcp 59.178.47.229(3152) -> .(23), 1 packet
    Mar 30 03:19:07.806: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(28767) -> .(80), 1 packet
    Mar 30 03:24:54.967: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(28767) -> .(80), 2 packets
    Mar 30 03:43:44.223: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(22501) -> (80), 1 packet
    Mar 30 03:48:54.968: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(22501) -> (80), 2 packets
    Mar 30 04:11:31.035: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(47011) -> .(80), 1 packet
    Mar 30 04:16:54.970: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(47011) -> .(80), 2 packets
    Mar 30 04:42:01.195: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(56753) -> .(80), 1 packet
    Mar 30 04:47:54.967: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(56753) -> .(80), 2 packets
    Mar 30 05:11:34.130: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(35301) -> .(80), 1 packet
    Mar 30 05:16:54.967: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(35301) -> .(80), 2 packets
    Mar 30 05:41:22.621: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(33024) -> .(80), 1 packet
    Mar 30 05:46:54.970: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(33024) -> .(80), 2 packets
    Mar 30 06:08:02.091: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(54807) -> .(80), 1 packet
    Mar 30 06:13:54.970: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(54807) -> .(80), 2 packets
    Mar 30 06:34:59.547: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(29217) -> .(80), 1 packet
    Mar 30 06:40:54.969: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(29217) -> .(80), 2 packets
    Mar 30 07:03:04.100: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(54153) -> .(80), 1 packet
    Mar 30 07:08:54.967: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(54153) -> .(80), 2 packets
    Mar 30 07:31:13.494: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(17308) -> .(80), 1 packet
    Mar 30 07:36:54.969: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(17308) -> .(80), 2 packets
    Mar 30 08:02:27.161: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48707) -> .(80), 1 packet
    Mar 30 08:07:54.966: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48707) -> .(80), 2 packets
    Mar 30 08:33:47.283: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(28540) -> .(80), 1 packet
    Mar 30 20:04:23.585: %SEC-6-IPACCESSLOGP: list 115 denied tcp 115.89.213.165(22702) -> .4(22), 1 packet
    Mar 30 20:21:10.696: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(35592) -> .(80), 1 packet
    Mar 30 20:26:54.964: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(35592) -> .(80), 2 packets
    Mar 30 20:52:52.313: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(25460) -> .(80), 1 packet
    Mar 30 20:57:54.965: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(25460) -> .(80), 2 packets
    Mar 30 21:30:11.984: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(17145) -> .(80), 1 packet
    Mar 30 21:35:54.963: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(17145) -> .(80), 2 packets
    Mar 30 21:43:27.829: %IP_VFR-4-FRAG_TABLE_OVERFLOW: FastEthernet0/1: the fragment table has reached its maximum threshold 16
    Mar 30 21:43:27.889: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.200 -> . (0/0), 1 packet
    Mar 30 21:48:54.965: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.213 -> (0/0), 1 packet
    Mar 30 21:48:54.965: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.214 -> (0/0), 1 packet
    Mar 30 21:48:54.969: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.201 -> (0/0), 1 packet
    Mar 30 21:48:54.969: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.203 -> (0/0), 1 packet
    Mar 30 21:48:54.969: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.202 -> (0/0), 1 packet
    Mar 30 21:48:54.969: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.204 -> . (0/0), 1 packet
    Mar 30 21:48:54.973: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.205 -> (0/0), 1 packet
    Mar 30 21:48:54.973: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.206 -> (0/0), 1 packet
    Mar 30 21:48:54.973: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.210 -> . (0/0), 1 packet
    Mar 30 21:48:54.977: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.211 -> (0/0), 1 packet
    Mar 30 22:01:32.255: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(30967) -> .(80), 1 packet
    Mar 30 22:06:54.964: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(30967) -> .(80), 2 packets
    Mar 30 22:10:18.301: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(31796) -> .(80), 1 packet
    Mar 30 22:15:54.965: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(31796) -> .(80), 2 packets
    Mar 30 23:03:12.464: %SEC-6-IPACCESSLOGP: list 115 denied tcp 88.208.220.10(55906) -> .(21), 1 packet
    Mar 30 23:08:54.966: %SEC-6-IPACCESSLOGP: list 115 denied tcp 88.208.220.10(55906) -> .(21), 1 packet
    Mar 31 00:41:30.769: %SEC-6-IPACCESSLOGP: list 115 denied tcp 115.89.213.165(35443) -> .(22), 1 packet
    Mar 31 03:00:11.425: %SEC-6-IPACCESSLOGP: list 115 denied tcp 128.59.14.102(58521) -> .(80), 1 packet
    Mar 31 03:00:12.527: %SEC-6-IPACCESSLOGP: list 115 denied tcp 128.59.14.102(42339) -> .(23), 1 packet
    Mar 31 03:05:54.964: %SEC-6-IPACCESSLOGP: list 115 denied tcp 128.59.14.102(41726) -> .(23), 1 packet
    Mar 31 03:05:54.964: %SEC-6-IPACCESSLOGP: list 115 denied tcp 128.59.14.102(59178) -> .(80), 1 packet
    Mar 31 03:46:26.767: %SEC-6-IPACCESSLOGP: list 115 denied tcp 184.154.4.85(58071) -> .(80), 1 packet
    Mar 31 04:12:08.935: %SEC-6-IPACCESSLOGP: list 115 denied tcp 109.104.74.10(51151) -> .(22), 1 packet
    Mar 31 12:10:19.683: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.72.53(51886) -> .(80), 1 packet
    Mar 31 12:15:54.960: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.72.53(51886) -> .(80), 4 packets
    Mar 31 14:23:34.316: %SEC-6-IPACCESSLOGP: list 115 denied tcp 94.251.160.199(32941) -> .(443), 1 packet
    Mar 31 14:28:54.962: %SEC-6-IPACCESSLOGP: list 115 denied tcp 94.251.160.199(32941) -> .(443), 1 packet
    Mar 31 20:37:34.630: %SEC-6-IPACCESSLOGP: list 115 denied tcp 208.100.1.174(39803) -> .(21), 1 packet
    Mar 31 20:40:49.542: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.72.53(53348) -> .(80), 1 packet
    Mar 31 20:45:54.958: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.72.53(53348) -> .(80), 4 packets
    Mar 31 21:18:03.788: %IP_VFR-4-FRAG_TABLE_OVERFLOW: FastEthernet0/1: the fragment table has reached its maximum threshold 16
    Mar 31 21:18:03.832: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.200 -> (0/0), 1 packet
    Mar 31 21:23:54.960: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 130.81.137.230 -> (0/0), 2 packets
    Mar 31 21:23:54.960: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.202 -> (0/0), 1 packet
    Mar 31 21:23:54.964: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.201 -> (0/0), 1 packet
    Mar 31 21:23:54.964: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.204 -> . (0/0), 1 packet
    Mar 31 21:23:54.964: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.205 -> (0/0), 1 packet
    Mar 31 21:23:54.964: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.207 -> . (0/0), 1 packet
    Mar 31 21:23:54.968: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.208 -> . (0/0), 1 packet
    Mar 31 21:23:54.968: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.206 -> . (0/0), 1 packet
    Mar 31 21:23:54.968: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.210 -> . (0/0), 1 packet
    Mar 31 21:23:54.972: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.203 -> (0/0), 1 packet
    Mar 31 21:57:25.351: %SEC-6-IPACCESSLOGP: list 115 denied tcp 115.89.213.165(59472) -> .(22), 1 packet
    Mar 31 22:00:45.852: %SEC-6-IPACCESSLOGP: list 115 denied tcp 87.234.32.189(49412) -> .(25), 1 packet
    Mar 31 22:05:54.959: %SEC-6-IPACCESSLOGP: list 115 denied tcp 87.234.32.189(49412) -> .(25), 1 packet

    You're getting hit from IPs from everywhere, so there's no true person to ask in regards to this. Whoever had your IP last was probably up to no good, or it's possible for some reason your IP was targeted. Might also be possible that whoever had your IP last was running servers. My Dedicated server gets hit with this nonsense all the time. Sometimes it's an issue with someone trying to DoS one of the game servers I run on it. Causes lag for only a few seconds before the hardware firewall in front of the server kicks in and handles the rest. China I actually wound up blocking access to entirely for a month or two since I've hardly seen anything that wasn't a port scan or an SSH/FTP hacking attempt.
    A few of those IPs are owned by Google and Microsoft, which implies there was probably an HTTP server at one point running on the IP you're using now.
    ========
    The first to bring me 1Gbps Fiber for $30/m wins!

  • Over and over again: port scan TCP issuing from my mac. How can I stop this

    I have set our router to send me an alarm whenever it is attacked.
    I have noticed before that when I use Google Maps, Google Earth, Google's Picasa my mac attacks other IP's with a port scan TCP.
    As of this morning my mac has startet to attack our router about every minute, and none of the above applications ist running.
    How can I get this to stop?

    I'm experiencing a similar issue with some of the systems I support at a University. One was issuing tons of outbound ICMP requests to address 0.0.0.0 and another was port scanning a (seemingly) random name server. The systems themselves are behind a pretty aggressive firewall, as far as inbound traffic goes. Any thoughts?

  • Issue with ACS 4 and AAA. Port scan shows no Radius but does show tacacs

    to start I am new to ACS so if this is an easy issue to solve please forgive me. I am trying to get Authentication working with ACS 4. I setup everything according to the instructions and when I try to test authentication with VPN concentrator I get a No active server found error. I have tried using an Internal user to start and I also have tried an AD account. If I port scan the ACS server I do not see it advertising port 1645 but I do see Port 49 for tacacs and I also see Ports 2000-2002. CSRadius is running.

    Actually, to avoid any issues I made CSRadius listen on BOTH sets of ports :)
    So unless that got changed without my knowing it should be listening on 1645/6 and 1812/3
    Darra

  • EA6900 and Port 445

    We recently purchased an EA6900 after our old WRT320N lost part of it's bandwidth.  With the old router, people on the local wireless network (192.168.x.x) had no problem connecting via SMB to our Yosemite server (172.16.x.x) but we can no longer make that connection via SMB (AFP still functions correctly via wireless.)
    Doing a port scan using the old router and comparing it to the new router, I can see port 445 is not open on the new router and given that it is a MS port, I would say that is the culprit.  Is there anyway to get that port opened back up for the wireless users?
    Thanks
    Chris

    Cascading a router into a network basically turns it into an AP with most of the router features still available. When cascaded nothing ever gets plugged into the router's WAN\Internet Port and it's DHCP is disabled.
    In bridge mode many router features are disabled but setup is super easy because you just connect the router to the network via it's WAN\Internet Port and everything connect to the router normally. The main thing to keep in mind in bridge mode is that the network DHCP or IP is transmitted through the router. Making one big network.
    Connectivity => Internet Settings => Edit and choose Bridge Mode
    If you keep the router with Internet Settings DHCP or Static IP and connect the network to it's WAN\Internet Port this creates two separate network subnets. The network behind the router can see the network on the WAN but not the reverse because of the router's firewall and NAT.
    Please remember to Kudo those that help you.
    Linksys
    Communities Technical Support

  • Mail or some other software is port scanning

    I've recently updated all of my machines to Yosemite. Ever since then my IP is periodically blocked by my web host (which hosts my website and email). Every time I contact them for support I'm told that my machine is port scanning on port 585 which automatically blocks me. From what they tell me Mac Mail is the culprit. I have found no indication that port 585 is being used. I've even deleted my mail accounts and re-set them up with the settings that the host requested. There are no settings using 585. But again today it has happened again. Does anyone know how Mail could be doing this of if there is another software that could be scanning?

    I think you're being given bogus information, but see below if you want to make sure.
    1. This procedure is a diagnostic test. It changes nothing, for better or worse, and therefore will not, in itself, solve the problem. But with the aid of the test results, the solution may take a few minutes, instead of hours or days.
    Don't be put off by the complexity of these instructions. The process is much less complicated than the description. You do harder tasks with the computer all the time.
    2. If you don't already have a current backup, back up all data before doing anything else. The backup is necessary on general principle, not because of anything in the test procedure. Backup is always a must, and when you're having any kind of trouble with the computer, you may be at higher than usual risk of losing data, whether you follow these instructions or not.
    There are ways to back up a computer that isn't fully functional. Ask if you need guidance.
    3. Below are instructions to run a UNIX shell script, a type of program. As I wrote above, it changes nothing. It doesn't send or receive any data on the network. All it does is to generate a human-readable report on the state of the computer. That report goes nowhere unless you choose to share it. If you prefer, you can act on it yourself without disclosing the contents to me or anyone else.
    You should be wondering whether you can believe me, and whether it's safe to run a program at the behest of a stranger. In general, no, it's not safe and I don't encourage it.
    In this case, however, there are a couple of ways for you to decide whether the program is safe without having to trust me. First, you can read it. Unlike an application that you download and click to run, it's transparent, so anyone with the necessary skill can verify what it does.
    You may not be able to understand the script yourself. But variations of the script have been posted on this website thousands of times over a period of years. The site is hosted by Apple, which does not allow it to be used to distribute harmful software. Any one of the millions of registered users could have read the script and raised the alarm if it was harmful. Then I would not be here now and you would not be reading this message.
    Nevertheless, if you can't satisfy yourself that these instructions are safe, don't follow them. Ask for other options.
    4. Here's a summary of what you need to do, if you choose to proceed:
    ☞ Copy a line of text in this window to the Clipboard.
    ☞ Paste into the window of another application.
    ☞ Wait for the test to run. It usually takes a few minutes.
    ☞ Paste the results, which will have been copied automatically, back into a reply on this page.
    The sequence is: copy, paste, wait, paste again. You don't need to copy a second time. Details follow.
    5. You may have started the computer in "safe" mode. Preferably, these steps should be taken in “normal” mode, under the conditions in which the problem is reproduced. If the system is now in safe mode and works well enough in normal mode to run the test, restart as usual. If you can only test in safe mode, do that.
    6. If you have more than one user, and the one affected by the problem is not an administrator, then please run the test twice: once while logged in as the affected user, and once as an administrator. The results may be different. The user that is created automatically on a new computer when you start it for the first time is an administrator. If you can't log in as an administrator, test as the affected user. Most personal Macs have only one user, and in that case this section doesn’t apply. Don't log in as root.
    7. The script is a single long line, all of which must be selected. You can accomplish this easily by triple-clicking anywhere in the line. The whole line will highlight, though you may not see all of it in the browser window, and you can then copy it. If you try to select the line by dragging across the part you can see, you won't get all of it.
    Triple-click anywhere in the line of text below on this page to select it:
    PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/libexec;clear;cd;p=(Software Hardware Memory Diagnostics Power FireWire Thunderbolt USB Fonts SerialATA 4 1000 25 5120 KiB/s 1024 85 \\b%% 20480 1 MB/s 25000 ports ' com.clark.\* \*dropbox \*genieo\* \*GoogleDr\* \*k.AutoCAD\* \*k.Maya\* vidinst\* ' DYLD_INSERT_LIBRARIES\ DYLD_LIBRARY_PATH -86 "` route -n get default|awk '/e:/{print $2}' `" 25 N\\/A down up 102400 25600 recvfrom sendto CFBundleIdentifier 25 25 25 1000 MB ' com.adobe.AAM.Updater-1.0 com.adobe.AdobeCreativeCloud com.adobe.CS4ServiceManager com.adobe.CS5ServiceManager com.adobe.fpsaud com.adobe.SwitchBoard com.adobe.SwitchBoard com.apple.aelwriter com.apple.AirPortBaseStationAgent com.apple.FolderActions.enabled com.apple.FolderActions.folders com.apple.FolderActions.folders com.apple.installer.osmessagetracing com.apple.mrt.uiagent com.apple.ReportCrash.Self com.apple.rpmuxd com.apple.SafariNotificationAgent com.apple.usbmuxd com.google.keystone.agent com.google.keystone.daemon com.microsoft.office.licensing.helper com.oracle.java.Helper-Tool com.oracle.java.JavaUpdateHelper com.oracle.java.JavaUpdateHelper ' ' 879294308 461455494 3627668074 1083382502 1274181950 1855907737 2758863019 1848501757 464843899 3694147963 1417519526 1189540302 1233118628 2456546649 2806998573 2778718105 2636415542 842973933 3301885676 891055588 998894468 695903914 1443423563 4136085286 ' 51 5120 files );N5=${#p[@]};p[N5]=` networksetup -listnetworkserviceorder|awk ' NR>1 { sub(/^\([0-9]+\) /,"");n=$0;getline;} $NF=="'${p[26]}')" { sub(/.$/,"",$NF);print n;exit;} ' `;f=('\n%s: %s\n' '\n%s\n\n%s\n' '\nRAM details\n%s\n' %s\ %s '%s\n-\t%s\n' );S0() { echo ' { q=$NF+0;$NF="";u=$(NF-1);$(NF-1)="";gsub(/^ +| +$/,"");if(q>='${p[$1]}') printf("%s (UID %s) is using %s '${p[$2]}'",$0,u,q);} ';};s=(' s/[0-9A-Za-z._]+@[0-9A-Za-z.]+\.[0-9A-Za-z]{2,4}/EMAIL/g;/faceb/s/(at\.)[^.]+/\1NAME/g;/\/Shared/!s/(\/Users\/)[^ /]+/\1USER/g;s/[-0-9A-Fa-f]{22,}/UUID/g;' ' s/^ +//;/de: S|[nst]:/p;' ' {sub(/^ +/,"")};/er:/;/y:/&&$2<'${p[10]} ' 1s/://;3,6d;/[my].+:/d;s/^ {4}//;H;${ g;s/\n$//;/s: (E[^m]|[^EO])|x([^08]|02[^F]|8[^0])/p;} ' ' 5h;6{ H;g;/P/!p;} ' ' ($1~/^Cy/&&$3>'${p[11]}')||($1~/^Cond/&&$2!~/^N/) ' ' /:$/{ N;/:.+:/d;s/ *://;b0'$'\n'' };/^ *(V.+ [0N]|Man).+ /{ s/ 0x.... //;s/[()]//g;s/(.+: )(.+)/ (\2)/;H;};$b0'$'\n'' d;:0'$'\n'' x;s/\n\n//;/Apple[ ,]|Genesy|Intel|SMSC/d;s/\n.*//;/\)$/p;' ' s/^.*C/C/;H;${ g;/No th|pms/!p;} ' '/= [^GO]/p' '{$1=""};1' ' /Of/!{ s/^.+is |\.//g;p;} ' ' $0&&!/ / { n++;print;} END { if(n<10) print "com.apple.";} ' ' { sub(/ :/,"");print|"tail -n'${p[12]}'";} ' ' NR==2&&$4<='${p[13]}' { print $4;} ' ' END { $2/=256;if($2>='${p[15]}') print int($2) } ' ' NR!=13{next};{sub(/[+-]$/,"",$NF)};'"`S0 21 22`" 'NR!=2{next}'"`S0 37 17`" ' NR!=5||$8!~/[RW]/{next};{ $(NF-1)=$1;$NF=int($NF/10000000);for(i=1;i<=3;i++){$i="";$(NF-1-i)="";};};'"`S0 19 20`" 's:^:/:p' '/\.kext\/(Contents\/)?Info\.plist$/p' 's/^.{52}(.+) <.+/\1/p' ' /Launch[AD].+\.plist$/ { n++;print;} END { if(n<200) print "/System/";} ' '/\.xpc\/(Contents\/)?Info\.plist$/p' ' NR>1&&!/0x|\.[0-9]+$|com\.apple\.launchctl\.(Aqua|Background|System)$/ { print $3;} ' ' /\.(framew|lproj)|\):/d;/plist:|:.+(Mach|scrip)/s/:[^:]+//p ' '/^root$/p' ' !/\/Contents\/.+\/Contents|Applic|Autom|Frameworks/&&/Lib.+\/Info.plist$/ { n++;print;} END { if(n<1100) print "/System/";} ' '/^\/usr\/lib\/.+dylib$/p' ' /Temp|emac/{next};/(etc|Preferences|Launch[AD].+)\// { sub(".(/private)?","");n++;print;} END { split("'"${p[41]}"'",b);split("'"${p[42]}"'",c);for(i in b) print b[i]".plist\t"c[i];if(n<500) print "Launch";} ' ' /\/(Contents\/.+\/Contents|Frameworks)\/|\.wdgt\/.+\.([bw]|plu)/d;p;' 's/\/(Contents\/)?Info.plist$//;p' ' { gsub("^| |\n","\\|\\|kMDItem'${p[35]}'=");sub("^...."," ") };1 ' p '{print $3"\t"$1}' 's/\'$'\t''.+//p' 's/1/On/p' '/Prox.+: [^0]/p' '$2>'${p[43]}'{$2=$2-1;print}' ' BEGIN { i="'${p[26]}'";M1='${p[16]}';M2='${p[18]}';M3='${p[31]}';M4='${p[32]}';} !/^A/{next};/%/ { getline;if($5<M1) a="user "$2"%, system "$4"%";} /disk0/&&$4>M2 { b=$3" ops/s, "$4" blocks/s";} $2==i { if(c) { d=$3+$4+$5+$6;next;};if($4>M3||$6>M4) c=int($4/1024)" in, "int($6/1024)" out";} END { if(a) print "CPU: "a;if(b) print "I/O: "b;if(c) print "Net: "c" (KiB/s)";if(d) print "Net errors: "d" packets/s";} ' ' /r\[0\] /&&$NF!~/^1(0|72\.(1[6-9]|2[0-9]|3[0-1])|92\.168)\./ { print $NF;exit;} ' ' !/^T/ { printf "(static)";exit;} ' '/apsd|BKAg|OpenD/!s/:.+//p' ' (/k:/&&$3!~/(255\.){3}0/ )||(/v6:/&&$2!~/A/ ) ' ' $1~"lR"&&$2<='${p[25]}';$1~"li"&&$3!~"wpa2";' ' BEGIN { FS=":";p="uniq -c|sed -E '"'s/ +\\([0-9]+\\)\\(.+\\)/\\\2 x\\\1/;s/x1$//'"'";} { n=split($3,a,".");sub(/_2[01].+/,"",$3);print $2" "$3" "a[n]$1|p;b=b$1;} END { close(p);if(b) print("\n\t* Code injection");} ' ' NR!=4{next} {$NF/=10240} '"`S0 27 14`" ' END { if($3~/[0-9]/)print$3;} ' ' BEGIN { L='${p[36]}';} !/^[[:space:]]*(#.*)?$/ { l++;if(l<=L) f=f"\n   "$0;} END { F=FILENAME;if(!F) exit;if(!f) f="\n   [N/A]";"cksum "F|getline C;split(C, A);C="checksum "A[1];"file -b "F|getline T;if(T!~/^(AS.+ (En.+ )?text(, with v.+)?$|(Bo|PO).+ sh.+ text ex|XM)/) F=F" ("T", "C")";else F=F" ("C")";printf("\nContents of %s\n%s\n",F,f);if(l>L) printf("\n   ...and %s more line(s)\n",l-L);} ' ' s/^ ?n...://p;s/^ ?p...:/-'$'\t''/p;' 's/0/Off/p' ' END{print NR} ' ' /id: N|te: Y/{i++} END{print i} ' ' / / { print "'"${p[28]}"'";exit;};1;' '/ en/!s/\.//p' ' NR!=13{next};{sub(/[+-M]$/,"",$NF)};'"`S0 39 40`" ' $10~/\(L/&&$9!~"localhost" { sub(/.+:/,"",$9);print $1": "$9|"sort|uniq";} ' '/^ +r/s/.+"(.+)".+/\1/p' 's/(.+\.wdgt)\/(Contents\/)?Info\.plist$/\1/p' 's/^.+\/(.+)\.wdgt$/\1/p' ' /l: /{ /DVD/d;s/.+: //;b0'$'\n'' };/s: /{ /V/d;s/^ */- /;H;};$b0'$'\n'' d;:0'$'\n'' x;/APPLE [^:]+$/d;p;' ' /^find: /d;p;' "`S0 44 45`" ' BEGIN{FS="= "} /Path/{print $2} ' ' /^ *$/d;s/^ */   /;' ' s/^.+ |\(.+\)$//g;p ' '/\.(appex|pluginkit)\/Contents\/Info\.plist$/p' ' /2/{print "WARN"};/4/{print "CRITICAL"};' ' /EVHF|MACR/d;s/^.+: //p;' );c1=(system_profiler pmset\ -g nvram fdesetup find syslog df vm_stat sar ps crontab iotop top pkgutil 'PlistBuddy 2>&1 -c "Print' whoami cksum kextstat launchctl smcDiagnose sysctl\ -n defaults\ read stat lsbom mdfind ' for i in ${p[24]};do ${c1[18]} ${c2[27]} $i;done;' pluginkit scutil dtrace profiles sed\ -En awk /S*/*/P*/*/*/C*/*/airport networksetup mdutil lsof test osascript\ -e );c2=(com.apple.loginwindow\ LoginHook '" /L*/P*/loginw*' "'tell app \"System Events\" to get properties of login items'|tr , \\\n" 'L*/Ca*/com.ap*.Saf*/E*/* -d 1 -name In*t -exec '"${c1[14]}"' :CFBundleDisplayName" {} \;|sort|uniq' '~ $TMPDIR.. \( -flags +sappnd,schg,uappnd,uchg -o ! -user $UID -o ! -perm -600 \)' '.??* -path .Trash -prune -o -type d -name *.app -print -prune' :${p[35]}\" :Label\" '{/,}L*/{Con,Pref}* -type f ! -size 0 -name *.plist -exec plutil -s {} \;' "-f'%N: %l' Desktop L*/Keyc*" therm sysload boot-args status " -F '\$Time \$(RefProc): \$Message' -k Sender kernel -k Message Req 'bad |Beac|caug|corru|dead[^bl]|FAIL|fail|GPU |hfs: Ru|inval|jnl:|last value [1-9]|n Cause: -|NVDA\(|pagin|proc: t|Roamed|rror|ssert|Thrott|tim(ed? ?|ing )o|WARN' -k Message Rne 'Goog|ksadm|Roame|SMC:|suhel| VALI|ver-r|xpma' -o -o -k Sender fseventsd -k Message Req SL -o -k Sender Req launchd -k Message Req de: " '-du -n DEV -n EDEV 1 10' 'acrx -o comm,ruid,%cpu' '-t1 10 1' '-f -pfc /var/db/r*/com.apple.*.{BS,Bas,Es,J,OSXU,Rem,up}*.bom' '{/,}L*/Lo*/Diag* -type f -regex .\*[cght] ! -name .?\* ! -name \*ag \( -exec grep -lq "^Thread c" {} \; -exec printf \* \; -o -true \) -execdir stat -f:%Sc:%N -t%F {} \;|sort -t: -k2 |tail -n'${p[38]} '/S*/*/Ca*/*xpc* >&- ||echo No' '-L /{S*/,}L*/StartupItems -type f -exec file {} +' '-L /S*/L*/{C*/Sec*A,Ex}* {/,}L*/{A*d,Ca*/*/Ex,Co{mpon,reM},Ex,In{p,ter},iTu*/*P,Keyb,Mail/B,Pr*P,Qu*T,Scripti,Sec,Servi,Spo,Widg}* -path \\*s/Resources -prune -o -type f -name Info.plist' '/usr/lib -type f -name *.dylib' `awk "${s[31]}"<<<${p[23]}` "/e*/{auto,{cron,fs}tab,hosts,{[lp],sy}*.conf,mach_i*/*,pam.d/*,ssh{,d}_config,*.local} {,/usr/local}/etc/periodic/*/* /L*/P*{,/*}/com.a*.{Bo,sec*.ap}*t {/S*/,/,}L*/Lau*/*t .launchd.conf" list getenv /Library/Preferences/com.apple.alf\ globalstate --proxy '-n get default' -I --dns -getdnsservers\ "${p[N5]}" -getinfo\ "${p[N5]}" -P -m\ / '' -n1 '-R -l1 -n1 -o prt -stats command,uid,prt' '--regexp --only-files --files com.apple.pkg.*|sort|uniq' -kl -l -s\ / '-R -l1 -n1 -o mem -stats command,uid,mem' '+c0 -i4TCP:0-1023' com.apple.dashboard\ layer-gadgets '-d /L*/Mana*/$USER&&echo On' '-app Safari WebKitDNSPrefetchingEnabled' "+c0 -l|awk '{print(\$1,\$3)}'|sort|uniq -c|sort -n|tail -1|awk '{print(\$2,\$3,\$1)}'" -m 'L*/{Con*/*/Data/L*/,}Pref* -type f -size 0c -name *.plist.???????|wc -l' kern.memorystatus_vm_pressure_level '3>&1 >&- 2>&3' );N1=${#c2[@]};for j in {0..9};do c2[N1+j]=SP${p[j]}DataType;done;N2=${#c2[@]};for j in 0 1;do c2[N2+j]="-n ' syscall::'${p[33+j]}':return { @out[execname,uid]=sum(arg0) } tick-10sec { trunc(@out,1);exit(0);} '";done;l=(Restricted\ files Hidden\ apps 'Elapsed time (s)' POST Battery Safari\ extensions Bad\ plists 'High file counts' User Heat System\ load boot\ args FileVault Diagnostic\ reports Log 'Free space (MiB)' 'Swap (MiB)' Activity 'CPU per process' Login\ hook 'I/O per process' Mach\ ports kexts Daemons Agents XPC\ cache Startup\ items Admin\ access Root\ access Bundles dylibs Apps Font\ issues Inserted\ dylibs Firewall Proxies DNS TCP/IP Wi-Fi Profiles Root\ crontab User\ crontab 'Global login items' 'User login items' Spotlight Memory Listeners Widgets Parental\ Controls Prefetching SATA Descriptors App\ extensions Lockfiles Memory\ pressure SMC );N3=${#l[@]};for i in 0 1 2;do l[N3+i]=${p[5+i]};done;N4=${#l[@]};for j in 0 1;do l[N4+j]="Current ${p[29+j]}stream data";done;A0() { id -G|grep -qw 80;v[1]=$?;((v[1]==0))&&sudo true;v[2]=$?;v[3]=`date +%s`;clear >&-;date '+Start time: %T %D%n';};for i in 0 1;do eval ' A'$((1+i))'() { v=` eval "${c1[$1]} ${c2[$2]}"|'${c1[30+i]}' "${s[$3]}" `;[[ "$v" ]];};A'$((3+i))'() { v=` while read i;do [[ "$i" ]]&&eval "${c1[$1]} ${c2[$2]}" \"$i\"|'${c1[30+i]}' "${s[$3]}";done<<<"${v[$4]}" `;[[ "$v" ]];};A'$((5+i))'() { v=` while read i;do '${c1[30+i]}' "${s[$1]}" "$i";done<<<"${v[$2]}" `;[[ "$v" ]];};A'$((7+i))'() { v=` eval sudo "${c1[$1]} ${c2[$2]}"|'${c1[30+i]}' "${s[$3]}" `;[[ "$v" ]];};';done;A9(){ v=$((`date +%s`-v[3]));};B2(){ v[$1]="$v";};for i in 0 1;do eval ' B'$i'() { v=;((v['$((i+1))']==0))||{ v=No;false;};};B'$((3+i))'() { v[$2]=`'${c1[30+i]}' "${s[$3]}"<<<"${v[$1]}"`;} ';done;B5(){ v[$1]="${v[$1]}"$'\n'"${v[$2]}";};B6() { v=` paste -d: <(printf "${v[$1]}") <(printf "${v[$2]}")|awk -F: ' {printf("'"${f[$3]}"'",$1,$2)} ' `;};B7(){ v=`grep -Fv "${v[$1]}"<<<"$v"`;};C0() { [[ "$v" ]]&&sed -E "$s"<<<"$v";};C1() { [[ "$v" ]]&&printf "${f[$1]}" "${l[$2]}" "$v"|sed -E "$s";};C2() { v=`echo $v`;[[ "$v" != 0 ]]&&C1 0 $1;};C3() { v=`sed -E "${s[63]}"<<<"$v"`&&C1 1 $1;};for i in 1 2 7 8;do for j in 0 2 3;do eval D$i$j'(){ A'$i' $1 $2 $3; C'$j' $4;};';done;done;{ A0;D20 0 $((N1+1)) 2;D10 0 $N1 1;B0;C2 27;B0&&! B1&&C2 28;D12 15 37 25 8;A1 0 $((N1+2)) 3;C0;D13 0 $((N1+3)) 4 3;D23 0 $((N1+4)) 5 4;D13 0 $((N1+9)) 59 50;for i in 0 1 2;do D13 0 $((N1+5+i)) 6 $((N3+i));done;D13 1 10 7 9;D13 1 11 8 10;B1&&D73 19 53 67 55;D22 2 12 9 11;D12 3 13 10 12;D23 4 19 44 13;D23 5 14 12 14;D22 6 36 13 15;D22 20 52 66 54;D22 7 37 14 16;D23 8 15 38 17;D22 9 16 16 18;B1&&{ D82 35 49 61 51;D82 11 17 17 20;for i in 0 1;do D82 28 $((N2+i)) 45 $((N4+i));done;};D22 12 44 54 45;D22 12 39 15 21;A1 13 40 18;B2 4;B3 4 0 19;A3 14 6 32 0;B4 0 5 11;A1 17 41 20;B7 5;C3 22;B4 4 6 21;A3 14 7 32 6;B4 0 7 11;B3 4 0 22;A3 14 6 32 0;B4 0 8 11;B5 7 8;B1&&{ A8 18 26 23;B7 7;C3 23;};A2 18 26 23;B7 7;C3 24;D13 4 21 24 26;B4 4 12 26;B3 4 13 27;A1 4 22 29;B7 12;B2 14;A4 14 6 52 14;B2 15;B6 14 15 4;B3 0 0 30;C3 29;A1 4 23 27;B7 13;C3 30;B3 4 0 65;A3 14 6 32 0;B4 0 16 11;A1 26 50 64;B7 16;C3 52;D13 24 24 32 31;D13 25 37 32 33;A2 23 18 28;B2 16;A2 16 25 33;B7 16;B3 0 0 34;B2 21;A6 47 21&&C0;B1&&{ D73 21 0 32 19;D73 10 42 32 40;D82 29 35 46 39;};D23 14 1 62 42;D12 34 43 53 44;D12 22 20 32 25;D22 0 $((N1+8)) 51 32;D13 4 8 41 6;D12 21 28 35 34;D13 27 29 36 35;A2 27 32 39&&{ B2 19;A2 33 33 40;B2 20;B6 19 20 3;};C2 36;D23 33 34 42 37;B1&&D83 35 45 55 46;D23 32 31 43 38;D12 36 47 32 48;D13 10 42 32 41;D13 37 2 48 43;D13 4 5 32 1;D13 4 3 60 5;D12 21 48 49 49;B3 4 22 57;A1 21 46 56;B7 22;B3 0 0 58;C3 47;D22 4 4 50 0;D12 4 51 32 53;D23 22 9 37 7;A9;C2 2;} 2>/dev/null|pbcopy;exit 2>&-
    Copy the selected text to the Clipboard by pressing the key combination command-C.
    8. Launch the built-in Terminal application in any of the following ways:
    ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
    ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
    ☞ Open LaunchPad. Click Utilities, then Terminal in the icon grid.
    Click anywhere in the Terminal window and paste by pressing command-V. The text you pasted should vanish immediately. If it doesn't, press the return key.
    9. If you see an error message in the Terminal window such as "Syntax error" or "Event not found," enter
    exec bash
    and press return. Then paste the script again.
    10. If you're logged in as an administrator, you'll be prompted for your login password. Nothing will be displayed when you type it. You will not see the usual dots in place of typed characters. Make sure caps lock is off. Type carefully and then press return. You may get a one-time warning to be careful. If you make three failed attempts to enter the password, the test will run anyway, but it will produce less information. In most cases, the difference is not important. If you don't know the password, or if you prefer not to enter it, press the key combination control-C or just press return  three times at the password prompt. Again, the script will still run.
    If you're not logged in as an administrator, you won't be prompted for a password. The test will still run. It just won't do anything that requires administrator privileges.
    11. The test may take a few minutes to run, depending on how many files you have and the speed of the computer. A computer that's abnormally slow may take longer to run the test. While it's running, there will be nothing in the Terminal window and no indication of progress. Wait for the line
    [Process completed]
    to appear. If you don't see it within half an hour or so, the test probably won't complete in a reasonable time. In that case, close the Terminal window and report what happened. No harm will be done.
    12. When the test is complete, quit Terminal. The results will have been copied to the Clipboard automatically. They are not shown in the Terminal window. Please don't copy anything from there. All you have to do is start a reply to this comment and then paste by pressing command-V again.
    At the top of the results, there will be a line that begins with the words "Start time." If you don't see that, but instead see a mass of gibberish, you didn't wait for the "Process completed" message to appear in the Terminal window. Please wait for it and try again.
    If any private information, such as your name or email address, appears in the results, anonymize it before posting. Usually that won't be necessary.
    13. When you post the results, you might see an error message on the web page: "You have included content in your post that is not permitted," or "You are not authorized to post." That's a bug in the forum software. Please post the test results on Pastebin, then post a link here to the page you created.
    14. This is a public forum, and others may give you advice based on the results of the test. They speak only for themselves, and I don't necessarily agree with them.
    Copyright © 2014 by Linc Davis. As the sole author of this work, I reserve all rights to it except as provided in the Use Agreement for the Apple Support Communities website ("ASC"). Readers of ASC may copy it for their own personal use. Neither the whole nor any part may be redistributed.

  • Catching Port Scanners, or preventing port scans

    Does anyone know of way to catch a person who is "port scanning" or "port sweeping" me?
    I have Norton AntiVirus, and it blocks the port scans, and gives me the ip address, but I can't seem to find a way to link this to anyone...
    Any suggestions?

    It enrages me and I want to find them...and hack them, with something other than a computer...
    Move on.
    For on, you're not going to stop it. It's a fact of life online and there are far more systems out there doing it than you have time to track (unless you're really, really bored).
    Secondly, even if the addresses aren't spoofed you'll find one of two situations in 99.9% of all scans:
    Either the source is in some remote country like Romania or China who doesn't give two hoots about your IP, or the source is some poor schmuck whose Windows machine has been hacked and he's part of a botnet or other setup where the real culprit is far removed.
    In the former case you're wasting your time. In the latter you're targeting the wrong person and you have no chance of finding the real source.
    So consider it noise and live with it. Your life will be much happier.

  • Poor man's port scan blocker

    working with cisco IOS on 3750's at the access level, Nexus 7K's at the core. 
    I need to find a cheap but relatively harmless way to block port scans.  We have not typically had to do this, most people on the internal network behave themselves.  But we have a programmer bent on proving she's an "ethical hacker" and frankly I haven't got time for this nonsense. 
    I would just shut down her physical port but she runs these 'tools' from a vm-server and there are other hosts running on the same physical NIC so I can't just shut off that port.
    I was looking into CBAC but I need to be very careful how I craft the ACL so as not to cause legitimate traffic to cease.  That would be an RPE.  Has anyone seen a detailed write up on how to proceed?  The training I took just sort of 'touched' on it...kind of like "here's this other feature" but didn't really delve deeply into specifics.  I did a search on google and was overwhelmed.  The first couple of articles I located, probably just by cooincidence,  were written for folks already steeped in the spy vs. spy world and so were way over my KB threshold.  As I said, I can't afford to make a mistake here.
    Anyone have some tips on where I can get started on this?  Thanks so much in advance.

    Hi
    Well there are several ways you can handle this.
    but lets first make it the way it is supposed to be handled.
    1) is she breaking any IT policy ? If yes then let HR deal with the offending programmer, just make sure that they have enough proof to swat the offender hard.
    If the answer is no, no policy of the company is broken then frankly I doubt that it is your responsibility to fix the problem, wich in this case is that the IT policy is lagging behind what is desireable.
    Lets ignore the above part and check on what you asked for.
    First of all since  the machine is a vm machine in an esx host you will have problems to halt traffic simply because not all traffic does leave the ESX host.
    So what can you do ?  Is the ip address static or dynamic ?
    If it is a static ip address then you can easily write an ACL that allows what she is supposed to be able to do from that machine and then block the rest from that particular machine and then allow everything else.
    Since you did not have an ACL from the beginning this should only impact her ability to scan.
    If the 3750 software is quite new you can setup an ACL with a connection to an EEM and TCL script that IF she starts to scan you can block her address via adding a new acl or the switch sends you an email or anything you can imagine inbetween.
    If the ipadress is DHCP then you can either choose to lock it down to a specific address in the dhcp scope or you can setup something that lets you know what it is and sets a scripted acl.
    So what other things can you do ?
    You could set a MAC address access-list and shut down the Mac address passing through the switch.
    You can do alot of other things like poisoning the arp address table of the machine, and make things not work the way she wants it. duplicate ip addresses and mac addresses or maybe duplicate windows name.
    But that sort of thing can backfire and to be honest, that does not sound like the doings of a person who are in charge of the network and so on..
    I would go for the first alternative ie make sure that what she is doing is not ok according to policys, let her know that it is not ok and if she persists in her doings turn her over to the HR department.
    Good luck

  • Outgoing port scan to find blocked (by ISP)/open ports

    Hi,
    How can I do a port scan (network ports, where web pages/applications use port number 80 for example)? I would like to find out if my ISP are blocking ports -- get some hard data/facts. I've tried using an online port scanner (one that operates from a web page/server) and according to it, all my ports are blocked -- but I now realise that's incoming (to me) where I didn't initialise the communication. So I suppose to find out what I want I need to initialise the communication -- outgoing (from me) communication. How can I do this? Any software / utilities available anywhere? I tried the "port scan" in Network Utility but this never reported anything. Maybe that will do what I want but I didn't have it set up properly possibly?
    Any suggestions / ideas much apprecaited.
    Cheers,
    John.

    Hi,
    I'm not sure what you're asking.
    What I'm asking about is in connection with the action that some ISP's take described as "traffic shaping". I know they are filtering/blocking because all P2P applications stop working for a period of time each day while email and web pages continue to work fine for example. I'm thinking of complaining to varous organisations because I have it in writing from the ISP they don't do this. They do, but I just want a bit more factual data first, before spending time and money making official complaints.
    ISP's rarely block outbound packets
    Well there's traffic shaping of some sort happening. I've found out that all incoming initialted outside packets are blocked but things still work fine so I assumed it must be outgoing which are being blocked.
    If you can't make an outbound connection, it's usually the return (ACK) packet that gets blocked.
    Right, I see. In that case another cooperating machine is needed to find out what I'm after I suppose.
    However, most firewalls have a rule that allows packets through that are part of existing connections. That allows you to browse the internet no matter what source port your browser uses.
    This isn't about a protection, it's about an ISP stopping/filtering certain uses (ports) via their connections because they don't like it -- too much band width use probably.
    By far the best packet sniffer is Wireshark (formally Ethereal) for display of the capture.
    From what's said above, a packet sniffer isn't going to be enough right? There needs to be two machines, me sending to another on various ports and it replying on the same port and both machines keeping a log of what's been sent and received, then a comparison made to see what made it and what didn't --- I guess. I wonder if there is such a service, piece of software, whatever, out there?
     Is your computer behind a router in your home? Of course that would include Airport. If so, that is more likely the culprit than your ISP.
    Yes an AirPort base station. Say "that is more likely the culprit than your ISP" again after visiting http://www.reviewcentre.com/review210703.html and searching the text for "traffic shaping" a few times! I'm pretty sure I've got the base station set up fine. And I think it's more likely my ISP (the one reviewed at that link) is the culpret. P2P software stops working, well it varies, but it reliably stops during "peak hours". It's the ISP for sure.
    I don't know any ISP that blocks all ports.
    Well, for incoming, according to the http://www.websecurity.mobi/network-security-audit/178-no-open-ports-my-machine- obviously-rediculous.html (which is me expressing surprise about all incoming ports being blocked) my ISP does. Apparently there is quite a difference between incoming and outgoing. Stops people using their machine as any kind of server (according to that link). One thing I do notice is that doing:
    sudo tcpdump -v -x -s 128
    on the command line while I'm not doing anything on the internet results in nothing -- complete silence as it were. On the dial up connection I've just left doing that command there was stuff coming in all the time -- who knows what, but the complete silence on my new broadband connection would back up the idea that all incoming ports are blocked. I could be wrong of course.
    "nmap" is probably the best portscanner available but as you discovered, OS X has one builtin that you can access through the Network Utility.
    Oh right I didn't know they were the same thing. I found that the port scan in NU didn't do anything. I left it for hours. There was an IP address which I left as it had filled it in itself. Maybe I should have changed that? How can I get the right address, or does it usually fill it in correctly itself?
    What actually does a port scanner like that one do? Send something out? To what? And how does it know if it got there?
    It seems to me to get what I need there needs to be first a suitable piece of software, second another computer running the software ready for my computer to talk to and to communicate multiple times and see what happens. My point is it's not just a piece of software that's needed it's also another cooperating computer elsewhere that needed? Otherwise what's the testing software going to talk to to see if the channel is working?
    I'll look into the Port Scan in NU again, see if I can get some actual results from it this time. On a broadband connection I left it for about, I don't know, 3 hours maybe, got nothing.
    Cheers,
    John

  • Visual Voicemail gone after upgrade to 2.0 (and porting number)

    Anyone else experience this? I upgraded to 2.0 and at the same time I ported the old iPhone to another cell phone number on my account with ATT. The upgrade to 2.0 and porting appeared to go OK as everything else is working EXCEPT when on the phone application, I can not get the visual voicemail button to do anything. I press it and it acts like it is taking some time to open but it never brings up the visual voicemail screen. The phone part works as usual in all other ways.

    I upgraded to the pre-release version of 2.0 and it worked fine. Then this morning i tried to update to the official 2.0 and it could not connect to iTunes, and that pinwheel kept spinning. So I pressed home button and power button until it (iPhone) rebooted. Then i connected it to iTunes and it asked me to restore.... So i pressed the option key (in mac, idk what it is in windows) and selected the prerelease version to downgrade to and now its fine. So...... good luck all

Maybe you are looking for

  • BPEL processes not showing up in the Enterprise Manager

    We're having a serious problem with our BPEL processes. When we click on the initiate tab in the BPELConsole for each of them they give us the error message: An Error Occured : Failed to read WSDL from http://testserver:8888/orabpel/mydomain/TestProc

  • Broadcom BCM4331 drivers - b43 can't scan, wl won't install

    I have a Macbook Pro 9,2 with a Broadcom BCM4331 wireless card. I've had issues with the wireless card ever since switching to Arch a bit over a year ago, and I'm trying to fix them once-and-for-all, but I'm not having much luck. Right now, if I use

  • How to display different text for labels in Group Above Report Oracle Repor

    Hello, Is there a way to change the text that is displayed in Labels in a Group Above Report? For example, I have a Group Above report with my columns of data and above the columns I have my column labels, but I would like to be able to display vario

  • Flash player says install was successful, the Adobe site says otherwise--IE

    Hello, all: I'm trying to install flash player 10.2 on a vista 32-bit home premium system. It's a Gateway t6828 notebook, 3gb ram, 220gb hdd w/155gb free. The client does run Avast Internet Security, which I disabled during the install & also while a

  • Transport a table

    HI Gurus! I have done a small change and I need some advice and helkp on it. In the SPRO I have tried refreshing the Industry codes. What I did was deleted all the entreis existing for the BA codes and then loaded the tables with a fresh set of recor