Port Scan to verify Port Forwarding

I just followed some online instructions on doing a port forward for port 5003 (Filemaker) on my 3800 HGV - B 2wire Gateway Modem/Router (AT&T). However using no-ip.com It cannot find my computer.
I have seen some discussion on doing a Port Scan on computer to verify which ports are forwarded.
Can someone tell me how to do this?

Hi
Navigate to /Applications/Utilities. Find the Network Utility and launch it. Click on the Port Scan tab. Key in the IP address. Click Start.
Tony

Similar Messages

  • Port scan confirmed open ports on my Airport

    Hi, I just did a port scan on my out word IP address. This is the add that is on the network side of my AP. I am using an APExtreme Latest version. I thought my settings were secure, but when my portscan showed these open ports I realized it wasn't.
    OPEN:
    53 DNS (good)
    554 rtsp (QTime?)
    5009 (bad?)
    7070 arcp (QtimeStreaming?)
    10000 ndmp (bad?)
    Question how do I secure these specific ports?
    Thanks you!!

    Hi again BD,
    +The Router wouldn't be set to DMZ to the Printer by chance would it?+
    It's not something I would consider doing, or have on my network. Can something like this be logged? (well, that said why leave a log file that would be detectable?) Or is there a test, maybe a command similar to ifconfig or some such debugger?
    +Seems like the Printer must be using Bonjour only to avertize itself.+
    I thought I had disabled Bonjour using a suggested method to make an archive of ARDesktop, trash the app and leave the zip in the CoreServices folder. Maybe, something else is directing it to the outward address?
    +Can't you set the Printers IP to a Static Local IP? in the same range as your Router+
    Well I tried that but the "enter" command remained grayed out in spite of verifying the printer address. I believe AirPortUtility has an automatic function, at least I remember, when I set up the printer a few weeks ago, the process being transparent. It did all of the work for me. Since I started having problems, though, nothing has worked.
    Well, if you have any ideas or you see something out of place let me know.
    Thanks!
    Pat

  • Portal 7.2 Install - Port:: Unable to verify port.

    I have been attempting to install Portal Server 7.2 on Solaris 10(5/08). I have sucessfully installed Access Manager and Directory server from JES U1. However when i tried to install the Portal Server, I got "Unable to verify port" error. I provided the default port of Sun Java Application Server 9.1, 8080. Could anyone please suggest a way out of this impasse please, I will be much obliged.

    Can you look in the installer log file (it should be created in /tmp/install*.log or in /var/tmp).
    It should tell you why the SIMS Backend was unable to initialize. Some things to check:
    - Your system should have the rpm tool installed at /bin/rpm
    - Do you have have any old, corrupt RPM DB entries? You can clean them up with
    rpm -e `rpm -qa|grep sims-product`

  • Is this port scanning?

    Hello all,
    I’m a new Oracle Administrator and I want to ask the following question:
    I have one 10g R2 Database Server (myhost.mydomain) running a DB with SID=DB1 on a Linux Redhat Server.
    There is another 10g R2 Database on a Win2003 server (HOST1) which through a database link is doing specific select on two tables only (I am not responsible for this server).
    Looking the listener.log of my server I saw that every 10 – 20 seconds there are connections on my server and on different ports. Is this something like port scanning?
    A 10 minute sample of my listener.log:
    30-OCT-2010 08:59:15 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3452)) * establish * DB1 * 0
    30-OCT-2010 08:59:26 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3454)) * establish * DB1 * 0
    30-OCT-2010 08:59:34 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3457)) * establish * DB1 * 0
    30-OCT-2010 09:00:01 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3465)) * establish * DB1 * 0
    30-OCT-2010 09:00:10 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3469)) * establish * DB1 * 0
    30-OCT-2010 09:00:15 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3472)) * establish * DB1 * 0
    30-OCT-2010 09:00:26 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3474)) * establish * DB1 * 0
    30-OCT-2010 09:00:59 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3483)) * establish * DB1 * 0
    30-OCT-2010 09:01:03 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3484)) * establish * DB1 * 0
    30-OCT-2010 09:01:09 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3487)) * establish * DB1 * 0
    30-OCT-2010 09:01:15 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3488)) * establish * DB1 * 0
    30-OCT-2010 09:01:26 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3494)) * establish * DB1 * 0
    30-OCT-2010 09:02:10 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3505)) * establish * DB1 * 0
    30-OCT-2010 09:02:15 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3506)) * establish * DB1 * 0
    30-OCT-2010 09:02:26 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3511)) * establish * DB1 * 0
    30-OCT-2010 09:02:59 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3519)) * establish * DB1 * 0
    30-OCT-2010 09:03:03 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3520)) * establish * DB1 * 0
    30-OCT-2010 09:03:09 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3523)) * establish * DB1 * 0
    30-OCT-2010 09:03:15 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3524)) * establish * DB1 * 0
    30-OCT-2010 09:03:26 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3528)) * establish * DB1 * 0
    30-OCT-2010 09:03:58 * ping * 0
    30-OCT-2010 09:03:58 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=myhost.mydomain)(USER=oracle))(COMMAND=status)(ARGUMENTS=64)(SERVICE=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost.mydomain)(PORT=1521)))(VERSION=169870336)) * status * 0
    30-OCT-2010 09:04:09 * (CONNECT_DATA=(SID=DB1)(CID=(PROGRAM=perl)(HOST=myhost.mydomain)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.9)(PORT=52637)) * establish * DB1 * 0
    30-OCT-2010 09:04:10 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3537)) * establish * DB1 * 0
    30-OCT-2010 09:04:13 * (CONNECT_DATA=(SID=DB1)(CID=(PROGRAM=perl)(HOST=myhost.mydomain)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.9)(PORT=52639)) * establish * DB1 * 0
    30-OCT-2010 09:04:13 * (CONNECT_DATA=(SID=DB1)(CID=(PROGRAM=perl)(HOST=myhost.mydomain)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.9)(PORT=52640)) * establish * DB1 * 0
    30-OCT-2010 09:04:15 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3538)) * establish * DB1 * 0
    30-OCT-2010 09:04:26 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3542)) * establish * DB1 * 0
    30-OCT-2010 09:04:34 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3544)) * establish * DB1 * 0
    30-OCT-2010 09:04:59 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3553)) * establish * DB1 * 0
    30-OCT-2010 09:05:01 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3554)) * establish * DB1 * 0
    30-OCT-2010 09:05:03 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3555)) * establish * DB1 * 0
    30-OCT-2010 09:05:09 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3559)) * establish * DB1 * 0
    30-OCT-2010 09:05:15 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3560)) * establish * DB1 * 0
    30-OCT-2010 09:05:26 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3564)) * establish * DB1 * 0
    30-OCT-2010 09:06:10 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3573)) * establish * DB1 * 0
    30-OCT-2010 09:06:15 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3574)) * establish * DB1 * 0
    30-OCT-2010 09:06:26 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3578)) * establish * DB1 * 0
    30-OCT-2010 09:06:40 * (CONNECT_DATA=(SID=DB1)(CID=(PROGRAM=perl)(HOST=myhost.mydomain)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.9)(PORT=52652)) * establish * DB1 * 0
    30-OCT-2010 09:06:40 * (CONNECT_DATA=(SID=DB1)(CID=(PROGRAM=perl)(HOST=myhost.mydomain)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.9)(PORT=52653)) * establish * DB1 * 0
    30-OCT-2010 09:06:59 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3586)) * establish * DB1 * 0
    30-OCT-2010 09:07:03 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3587)) * establish * DB1 * 0
    30-OCT-2010 09:07:09 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3590)) * establish * DB1 * 0
    30-OCT-2010 09:07:15 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3591)) * establish * DB1 * 0
    30-OCT-2010 09:07:26 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3593)) * establish * DB1 * 0
    30-OCT-2010 09:08:10 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3604)) * establish * DB1 * 0
    30-OCT-2010 09:08:15 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3605)) * establish * DB1 * 0
    30-OCT-2010 09:08:26 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3607)) * establish * DB1 * 0
    30-OCT-2010 09:08:58 * ping * 0
    30-OCT-2010 09:08:58 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=myhost.mydomain)(USER=oracle))(COMMAND=status)(ARGUMENTS=64)(SERVICE=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost.mydomain)(PORT=1521)))(VERSION=169870336)) * status * 0
    30-OCT-2010 09:08:59 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3617)) * establish * DB1 * 0
    30-OCT-2010 09:09:03 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3620)) * establish * DB1 * 0
    30-OCT-2010 09:09:09 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3623)) * establish * DB1 * 0
    30-OCT-2010 09:09:09 * (CONNECT_DATA=(SID=DB1)(CID=(PROGRAM=perl)(HOST=myhost.mydomain)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.9)(PORT=42950)) * establish * DB1 * 0
    30-OCT-2010 09:09:13 * (CONNECT_DATA=(SID=DB1)(CID=(PROGRAM=perl)(HOST=myhost.mydomain)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.9)(PORT=42951)) * establish * DB1 * 0
    30-OCT-2010 09:09:13 * (CONNECT_DATA=(SID=DB1)(CID=(PROGRAM=perl)(HOST=myhost.mydomain)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.9)(PORT=42952)) * establish * DB1 * 0
    30-OCT-2010 09:09:15 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3624)) * establish * DB1 * 0
    30-OCT-2010 09:09:26 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3626)) * establish * DB1 * 0
    30-OCT-2010 09:09:34 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3630)) * establish * DB1 * 0
    30-OCT-2010 09:10:01 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3637)) * establish * DB1 * 0
    30-OCT-2010 09:10:07 * (CONNECT_DATA=(SID=DB1)(CID=(PROGRAM=perl)(HOST=myhost.mydomain)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.9)(PORT=42957)) * establish * DB1 * 0
    30-OCT-2010 09:10:10 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3643)) * establish * DB1 * 0
    30-OCT-2010 09:10:15 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3644)) * establish * DB1 * 0
    30-OCT-2010 09:10:26 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3646)) * establish * DB1 * 0
    30-OCT-2010 09:10:59 * (CONNECT_DATA=(SERVER=DEDICATED)(SID=DB1)(CID=(PROGRAM=d:\oracle\product\10.2.0\db\bin\ORACLE.EXE)(HOST=HOST1)(USER=SYSTEM))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=3658)) * establish * DB1 * 0

    Is this port scanning?No. Port scanning is sending various crafted tcp packets to a range of ports to determine what, if any, service is using that port as a listening end-point. It is not about sending lots of packets to a single port.
    So if someone port scans your Oracle server, there is an excellent likelihood that you will not even see that. A stealth scan is commonly used - and this will be dealt with at IP stack level and not at the listener level. So the listener will never see the port scan. It will not be recorded in the listener's log.
    What you are seeing are standard client server connections. The server port is 1521. The client port will be a brand new port each time - and a port number from the private/dynamic port range.
    A lot of client-server connections to a server that for example fails, can be a sign of a DoS (<i>Denial of Service</i>) attack. But yours simply seems to be the local Oracle instance checking in with the listener at regular intervals.
    The executable according to the connection string received from the client is <i>d:\oracle\product\10.2.0\db\bin\ORACLE.EXE</i>. This means an Oracle server process. An Oracle instance will continually contact the local listener to inform it of the services that it supports.

  • Symantec and port scan attacks

    I have found many post on the port scan attacks created by Symantec on client computers, however it seems my port scan attacks are being blocked on the Spiceworks server side.  All the clients are showing up in spiceworks with no scan errors, but when logged onto Spiceworks server there is a port scan attack every few minutes from the clients.
    This topic first appeared in the Spiceworks Community

    No. While the encryption of your wireless network is mandatory to protect other people in your proximity to access your network, computers, internet connection or eavesdrop your computers it has nothing to do with port scan attacks. Port scan attacks originate from the internet. The router will block those unless you have configured port forwardings on your router or a computer opened ports on the router through UPnP. This is because your router does NAT which makes the LAN unaccessible from the internet.
    Port scans are not really attacks but just the general "noise" in the internet. There is nothing you can do about it except not using the internet. As long as you don't have open ports there is nothing to worry about. And even if you have opened a port for instance for gaming it still depends on whether the program listening on that port is vulnerable or not.

  • Network Utility Port Scan

    Does anyone have information on the following:
    Network Utility Port scan =Open TCP Port: 2020 xinupageserver?
    Is it a Trojan Horse and how can one close the Port?
    Any help would be appreciated.

    It's a non-priveldged Universal Plug and Play port, likely you installed something like a Lexmark printer software.

  • Issues with McAfee IPS and HP PhotoSmart Premium C309g-m performing port scan

    Trying to run a HP PhotoSmart Premium C309g-m printer wirelessly and connect to a laptop computer with Windows 7 32-bit operating system.  Printer is available for about 3 and a half minutes and then is blocked by McAfee because the printer is trying to perform a UDP port scan.  The IP address of the printer is blocked for 10 minutes and then becomes available again.  After about 3 and a half minutes, the printer IP address is again blocked by McAfee IPS for 10 minutes and the cycle repeats again.  Goes on all day.  Difficult to get any work done.  Anyone have a fix to stop the port scans?  Thanks

    Hello JWB46,
    Welcome to the HP Forums!
    I understand when you scan a document, it takes longer and the background is black with horizontal white lines or a greenish background. I will do my best to assist you! First, I need to find out your operating system on your computer? Windows or Mac?
    How is this printer connected? Wireless or USB?
    Please make sure you have followed this entire HP document on Color or Brightness Level of Scanned Image is Not Correct. I would like to test out the hardware within your printer. Try copying a blank document on the scanner glass. Let me know if you have the same results. I will be looking forward to hearing from you. Have a great night!
    I worked on behalf of HP.

  • Mail or some other software is port scanning

    I've recently updated all of my machines to Yosemite. Ever since then my IP is periodically blocked by my web host (which hosts my website and email). Every time I contact them for support I'm told that my machine is port scanning on port 585 which automatically blocks me. From what they tell me Mac Mail is the culprit. I have found no indication that port 585 is being used. I've even deleted my mail accounts and re-set them up with the settings that the host requested. There are no settings using 585. But again today it has happened again. Does anyone know how Mail could be doing this of if there is another software that could be scanning?

    I think you're being given bogus information, but see below if you want to make sure.
    1. This procedure is a diagnostic test. It changes nothing, for better or worse, and therefore will not, in itself, solve the problem. But with the aid of the test results, the solution may take a few minutes, instead of hours or days.
    Don't be put off by the complexity of these instructions. The process is much less complicated than the description. You do harder tasks with the computer all the time.
    2. If you don't already have a current backup, back up all data before doing anything else. The backup is necessary on general principle, not because of anything in the test procedure. Backup is always a must, and when you're having any kind of trouble with the computer, you may be at higher than usual risk of losing data, whether you follow these instructions or not.
    There are ways to back up a computer that isn't fully functional. Ask if you need guidance.
    3. Below are instructions to run a UNIX shell script, a type of program. As I wrote above, it changes nothing. It doesn't send or receive any data on the network. All it does is to generate a human-readable report on the state of the computer. That report goes nowhere unless you choose to share it. If you prefer, you can act on it yourself without disclosing the contents to me or anyone else.
    You should be wondering whether you can believe me, and whether it's safe to run a program at the behest of a stranger. In general, no, it's not safe and I don't encourage it.
    In this case, however, there are a couple of ways for you to decide whether the program is safe without having to trust me. First, you can read it. Unlike an application that you download and click to run, it's transparent, so anyone with the necessary skill can verify what it does.
    You may not be able to understand the script yourself. But variations of the script have been posted on this website thousands of times over a period of years. The site is hosted by Apple, which does not allow it to be used to distribute harmful software. Any one of the millions of registered users could have read the script and raised the alarm if it was harmful. Then I would not be here now and you would not be reading this message.
    Nevertheless, if you can't satisfy yourself that these instructions are safe, don't follow them. Ask for other options.
    4. Here's a summary of what you need to do, if you choose to proceed:
    ☞ Copy a line of text in this window to the Clipboard.
    ☞ Paste into the window of another application.
    ☞ Wait for the test to run. It usually takes a few minutes.
    ☞ Paste the results, which will have been copied automatically, back into a reply on this page.
    The sequence is: copy, paste, wait, paste again. You don't need to copy a second time. Details follow.
    5. You may have started the computer in "safe" mode. Preferably, these steps should be taken in “normal” mode, under the conditions in which the problem is reproduced. If the system is now in safe mode and works well enough in normal mode to run the test, restart as usual. If you can only test in safe mode, do that.
    6. If you have more than one user, and the one affected by the problem is not an administrator, then please run the test twice: once while logged in as the affected user, and once as an administrator. The results may be different. The user that is created automatically on a new computer when you start it for the first time is an administrator. If you can't log in as an administrator, test as the affected user. Most personal Macs have only one user, and in that case this section doesn’t apply. Don't log in as root.
    7. The script is a single long line, all of which must be selected. You can accomplish this easily by triple-clicking anywhere in the line. The whole line will highlight, though you may not see all of it in the browser window, and you can then copy it. If you try to select the line by dragging across the part you can see, you won't get all of it.
    Triple-click anywhere in the line of text below on this page to select it:
    PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/libexec;clear;cd;p=(Software Hardware Memory Diagnostics Power FireWire Thunderbolt USB Fonts SerialATA 4 1000 25 5120 KiB/s 1024 85 \\b%% 20480 1 MB/s 25000 ports ' com.clark.\* \*dropbox \*genieo\* \*GoogleDr\* \*k.AutoCAD\* \*k.Maya\* vidinst\* ' DYLD_INSERT_LIBRARIES\ DYLD_LIBRARY_PATH -86 "` route -n get default|awk '/e:/{print $2}' `" 25 N\\/A down up 102400 25600 recvfrom sendto CFBundleIdentifier 25 25 25 1000 MB ' com.adobe.AAM.Updater-1.0 com.adobe.AdobeCreativeCloud com.adobe.CS4ServiceManager com.adobe.CS5ServiceManager com.adobe.fpsaud com.adobe.SwitchBoard com.adobe.SwitchBoard com.apple.aelwriter com.apple.AirPortBaseStationAgent com.apple.FolderActions.enabled com.apple.FolderActions.folders com.apple.FolderActions.folders com.apple.installer.osmessagetracing com.apple.mrt.uiagent com.apple.ReportCrash.Self com.apple.rpmuxd com.apple.SafariNotificationAgent com.apple.usbmuxd com.google.keystone.agent com.google.keystone.daemon com.microsoft.office.licensing.helper com.oracle.java.Helper-Tool com.oracle.java.JavaUpdateHelper com.oracle.java.JavaUpdateHelper ' ' 879294308 461455494 3627668074 1083382502 1274181950 1855907737 2758863019 1848501757 464843899 3694147963 1417519526 1189540302 1233118628 2456546649 2806998573 2778718105 2636415542 842973933 3301885676 891055588 998894468 695903914 1443423563 4136085286 ' 51 5120 files );N5=${#p[@]};p[N5]=` networksetup -listnetworkserviceorder|awk ' NR>1 { sub(/^\([0-9]+\) /,"");n=$0;getline;} $NF=="'${p[26]}')" { sub(/.$/,"",$NF);print n;exit;} ' `;f=('\n%s: %s\n' '\n%s\n\n%s\n' '\nRAM details\n%s\n' %s\ %s '%s\n-\t%s\n' );S0() { echo ' { q=$NF+0;$NF="";u=$(NF-1);$(NF-1)="";gsub(/^ +| +$/,"");if(q>='${p[$1]}') printf("%s (UID %s) is using %s '${p[$2]}'",$0,u,q);} ';};s=(' s/[0-9A-Za-z._]+@[0-9A-Za-z.]+\.[0-9A-Za-z]{2,4}/EMAIL/g;/faceb/s/(at\.)[^.]+/\1NAME/g;/\/Shared/!s/(\/Users\/)[^ /]+/\1USER/g;s/[-0-9A-Fa-f]{22,}/UUID/g;' ' s/^ +//;/de: S|[nst]:/p;' ' {sub(/^ +/,"")};/er:/;/y:/&&$2<'${p[10]} ' 1s/://;3,6d;/[my].+:/d;s/^ {4}//;H;${ g;s/\n$//;/s: (E[^m]|[^EO])|x([^08]|02[^F]|8[^0])/p;} ' ' 5h;6{ H;g;/P/!p;} ' ' ($1~/^Cy/&&$3>'${p[11]}')||($1~/^Cond/&&$2!~/^N/) ' ' /:$/{ N;/:.+:/d;s/ *://;b0'$'\n'' };/^ *(V.+ [0N]|Man).+ /{ s/ 0x.... //;s/[()]//g;s/(.+: )(.+)/ (\2)/;H;};$b0'$'\n'' d;:0'$'\n'' x;s/\n\n//;/Apple[ ,]|Genesy|Intel|SMSC/d;s/\n.*//;/\)$/p;' ' s/^.*C/C/;H;${ g;/No th|pms/!p;} ' '/= [^GO]/p' '{$1=""};1' ' /Of/!{ s/^.+is |\.//g;p;} ' ' $0&&!/ / { n++;print;} END { if(n<10) print "com.apple.";} ' ' { sub(/ :/,"");print|"tail -n'${p[12]}'";} ' ' NR==2&&$4<='${p[13]}' { print $4;} ' ' END { $2/=256;if($2>='${p[15]}') print int($2) } ' ' NR!=13{next};{sub(/[+-]$/,"",$NF)};'"`S0 21 22`" 'NR!=2{next}'"`S0 37 17`" ' NR!=5||$8!~/[RW]/{next};{ $(NF-1)=$1;$NF=int($NF/10000000);for(i=1;i<=3;i++){$i="";$(NF-1-i)="";};};'"`S0 19 20`" 's:^:/:p' '/\.kext\/(Contents\/)?Info\.plist$/p' 's/^.{52}(.+) <.+/\1/p' ' /Launch[AD].+\.plist$/ { n++;print;} END { if(n<200) print "/System/";} ' '/\.xpc\/(Contents\/)?Info\.plist$/p' ' NR>1&&!/0x|\.[0-9]+$|com\.apple\.launchctl\.(Aqua|Background|System)$/ { print $3;} ' ' /\.(framew|lproj)|\):/d;/plist:|:.+(Mach|scrip)/s/:[^:]+//p ' '/^root$/p' ' !/\/Contents\/.+\/Contents|Applic|Autom|Frameworks/&&/Lib.+\/Info.plist$/ { n++;print;} END { if(n<1100) print "/System/";} ' '/^\/usr\/lib\/.+dylib$/p' ' /Temp|emac/{next};/(etc|Preferences|Launch[AD].+)\// { sub(".(/private)?","");n++;print;} END { split("'"${p[41]}"'",b);split("'"${p[42]}"'",c);for(i in b) print b[i]".plist\t"c[i];if(n<500) print "Launch";} ' ' /\/(Contents\/.+\/Contents|Frameworks)\/|\.wdgt\/.+\.([bw]|plu)/d;p;' 's/\/(Contents\/)?Info.plist$//;p' ' { gsub("^| |\n","\\|\\|kMDItem'${p[35]}'=");sub("^...."," ") };1 ' p '{print $3"\t"$1}' 's/\'$'\t''.+//p' 's/1/On/p' '/Prox.+: [^0]/p' '$2>'${p[43]}'{$2=$2-1;print}' ' BEGIN { i="'${p[26]}'";M1='${p[16]}';M2='${p[18]}';M3='${p[31]}';M4='${p[32]}';} !/^A/{next};/%/ { getline;if($5<M1) a="user "$2"%, system "$4"%";} /disk0/&&$4>M2 { b=$3" ops/s, "$4" blocks/s";} $2==i { if(c) { d=$3+$4+$5+$6;next;};if($4>M3||$6>M4) c=int($4/1024)" in, "int($6/1024)" out";} END { if(a) print "CPU: "a;if(b) print "I/O: "b;if(c) print "Net: "c" (KiB/s)";if(d) print "Net errors: "d" packets/s";} ' ' /r\[0\] /&&$NF!~/^1(0|72\.(1[6-9]|2[0-9]|3[0-1])|92\.168)\./ { print $NF;exit;} ' ' !/^T/ { printf "(static)";exit;} ' '/apsd|BKAg|OpenD/!s/:.+//p' ' (/k:/&&$3!~/(255\.){3}0/ )||(/v6:/&&$2!~/A/ ) ' ' $1~"lR"&&$2<='${p[25]}';$1~"li"&&$3!~"wpa2";' ' BEGIN { FS=":";p="uniq -c|sed -E '"'s/ +\\([0-9]+\\)\\(.+\\)/\\\2 x\\\1/;s/x1$//'"'";} { n=split($3,a,".");sub(/_2[01].+/,"",$3);print $2" "$3" "a[n]$1|p;b=b$1;} END { close(p);if(b) print("\n\t* Code injection");} ' ' NR!=4{next} {$NF/=10240} '"`S0 27 14`" ' END { if($3~/[0-9]/)print$3;} ' ' BEGIN { L='${p[36]}';} !/^[[:space:]]*(#.*)?$/ { l++;if(l<=L) f=f"\n   "$0;} END { F=FILENAME;if(!F) exit;if(!f) f="\n   [N/A]";"cksum "F|getline C;split(C, A);C="checksum "A[1];"file -b "F|getline T;if(T!~/^(AS.+ (En.+ )?text(, with v.+)?$|(Bo|PO).+ sh.+ text ex|XM)/) F=F" ("T", "C")";else F=F" ("C")";printf("\nContents of %s\n%s\n",F,f);if(l>L) printf("\n   ...and %s more line(s)\n",l-L);} ' ' s/^ ?n...://p;s/^ ?p...:/-'$'\t''/p;' 's/0/Off/p' ' END{print NR} ' ' /id: N|te: Y/{i++} END{print i} ' ' / / { print "'"${p[28]}"'";exit;};1;' '/ en/!s/\.//p' ' NR!=13{next};{sub(/[+-M]$/,"",$NF)};'"`S0 39 40`" ' $10~/\(L/&&$9!~"localhost" { sub(/.+:/,"",$9);print $1": "$9|"sort|uniq";} ' '/^ +r/s/.+"(.+)".+/\1/p' 's/(.+\.wdgt)\/(Contents\/)?Info\.plist$/\1/p' 's/^.+\/(.+)\.wdgt$/\1/p' ' /l: /{ /DVD/d;s/.+: //;b0'$'\n'' };/s: /{ /V/d;s/^ */- /;H;};$b0'$'\n'' d;:0'$'\n'' x;/APPLE [^:]+$/d;p;' ' /^find: /d;p;' "`S0 44 45`" ' BEGIN{FS="= "} /Path/{print $2} ' ' /^ *$/d;s/^ */   /;' ' s/^.+ |\(.+\)$//g;p ' '/\.(appex|pluginkit)\/Contents\/Info\.plist$/p' ' /2/{print "WARN"};/4/{print "CRITICAL"};' ' /EVHF|MACR/d;s/^.+: //p;' );c1=(system_profiler pmset\ -g nvram fdesetup find syslog df vm_stat sar ps crontab iotop top pkgutil 'PlistBuddy 2>&1 -c "Print' whoami cksum kextstat launchctl smcDiagnose sysctl\ -n defaults\ read stat lsbom mdfind ' for i in ${p[24]};do ${c1[18]} ${c2[27]} $i;done;' pluginkit scutil dtrace profiles sed\ -En awk /S*/*/P*/*/*/C*/*/airport networksetup mdutil lsof test osascript\ -e );c2=(com.apple.loginwindow\ LoginHook '" /L*/P*/loginw*' "'tell app \"System Events\" to get properties of login items'|tr , \\\n" 'L*/Ca*/com.ap*.Saf*/E*/* -d 1 -name In*t -exec '"${c1[14]}"' :CFBundleDisplayName" {} \;|sort|uniq' '~ $TMPDIR.. \( -flags +sappnd,schg,uappnd,uchg -o ! -user $UID -o ! -perm -600 \)' '.??* -path .Trash -prune -o -type d -name *.app -print -prune' :${p[35]}\" :Label\" '{/,}L*/{Con,Pref}* -type f ! -size 0 -name *.plist -exec plutil -s {} \;' "-f'%N: %l' Desktop L*/Keyc*" therm sysload boot-args status " -F '\$Time \$(RefProc): \$Message' -k Sender kernel -k Message Req 'bad |Beac|caug|corru|dead[^bl]|FAIL|fail|GPU |hfs: Ru|inval|jnl:|last value [1-9]|n Cause: -|NVDA\(|pagin|proc: t|Roamed|rror|ssert|Thrott|tim(ed? ?|ing )o|WARN' -k Message Rne 'Goog|ksadm|Roame|SMC:|suhel| VALI|ver-r|xpma' -o -o -k Sender fseventsd -k Message Req SL -o -k Sender Req launchd -k Message Req de: " '-du -n DEV -n EDEV 1 10' 'acrx -o comm,ruid,%cpu' '-t1 10 1' '-f -pfc /var/db/r*/com.apple.*.{BS,Bas,Es,J,OSXU,Rem,up}*.bom' '{/,}L*/Lo*/Diag* -type f -regex .\*[cght] ! -name .?\* ! -name \*ag \( -exec grep -lq "^Thread c" {} \; -exec printf \* \; -o -true \) -execdir stat -f:%Sc:%N -t%F {} \;|sort -t: -k2 |tail -n'${p[38]} '/S*/*/Ca*/*xpc* >&- ||echo No' '-L /{S*/,}L*/StartupItems -type f -exec file {} +' '-L /S*/L*/{C*/Sec*A,Ex}* {/,}L*/{A*d,Ca*/*/Ex,Co{mpon,reM},Ex,In{p,ter},iTu*/*P,Keyb,Mail/B,Pr*P,Qu*T,Scripti,Sec,Servi,Spo,Widg}* -path \\*s/Resources -prune -o -type f -name Info.plist' '/usr/lib -type f -name *.dylib' `awk "${s[31]}"<<<${p[23]}` "/e*/{auto,{cron,fs}tab,hosts,{[lp],sy}*.conf,mach_i*/*,pam.d/*,ssh{,d}_config,*.local} {,/usr/local}/etc/periodic/*/* /L*/P*{,/*}/com.a*.{Bo,sec*.ap}*t {/S*/,/,}L*/Lau*/*t .launchd.conf" list getenv /Library/Preferences/com.apple.alf\ globalstate --proxy '-n get default' -I --dns -getdnsservers\ "${p[N5]}" -getinfo\ "${p[N5]}" -P -m\ / '' -n1 '-R -l1 -n1 -o prt -stats command,uid,prt' '--regexp --only-files --files com.apple.pkg.*|sort|uniq' -kl -l -s\ / '-R -l1 -n1 -o mem -stats command,uid,mem' '+c0 -i4TCP:0-1023' com.apple.dashboard\ layer-gadgets '-d /L*/Mana*/$USER&&echo On' '-app Safari WebKitDNSPrefetchingEnabled' "+c0 -l|awk '{print(\$1,\$3)}'|sort|uniq -c|sort -n|tail -1|awk '{print(\$2,\$3,\$1)}'" -m 'L*/{Con*/*/Data/L*/,}Pref* -type f -size 0c -name *.plist.???????|wc -l' kern.memorystatus_vm_pressure_level '3>&1 >&- 2>&3' );N1=${#c2[@]};for j in {0..9};do c2[N1+j]=SP${p[j]}DataType;done;N2=${#c2[@]};for j in 0 1;do c2[N2+j]="-n ' syscall::'${p[33+j]}':return { @out[execname,uid]=sum(arg0) } tick-10sec { trunc(@out,1);exit(0);} '";done;l=(Restricted\ files Hidden\ apps 'Elapsed time (s)' POST Battery Safari\ extensions Bad\ plists 'High file counts' User Heat System\ load boot\ args FileVault Diagnostic\ reports Log 'Free space (MiB)' 'Swap (MiB)' Activity 'CPU per process' Login\ hook 'I/O per process' Mach\ ports kexts Daemons Agents XPC\ cache Startup\ items Admin\ access Root\ access Bundles dylibs Apps Font\ issues Inserted\ dylibs Firewall Proxies DNS TCP/IP Wi-Fi Profiles Root\ crontab User\ crontab 'Global login items' 'User login items' Spotlight Memory Listeners Widgets Parental\ Controls Prefetching SATA Descriptors App\ extensions Lockfiles Memory\ pressure SMC );N3=${#l[@]};for i in 0 1 2;do l[N3+i]=${p[5+i]};done;N4=${#l[@]};for j in 0 1;do l[N4+j]="Current ${p[29+j]}stream data";done;A0() { id -G|grep -qw 80;v[1]=$?;((v[1]==0))&&sudo true;v[2]=$?;v[3]=`date +%s`;clear >&-;date '+Start time: %T %D%n';};for i in 0 1;do eval ' A'$((1+i))'() { v=` eval "${c1[$1]} ${c2[$2]}"|'${c1[30+i]}' "${s[$3]}" `;[[ "$v" ]];};A'$((3+i))'() { v=` while read i;do [[ "$i" ]]&&eval "${c1[$1]} ${c2[$2]}" \"$i\"|'${c1[30+i]}' "${s[$3]}";done<<<"${v[$4]}" `;[[ "$v" ]];};A'$((5+i))'() { v=` while read i;do '${c1[30+i]}' "${s[$1]}" "$i";done<<<"${v[$2]}" `;[[ "$v" ]];};A'$((7+i))'() { v=` eval sudo "${c1[$1]} ${c2[$2]}"|'${c1[30+i]}' "${s[$3]}" `;[[ "$v" ]];};';done;A9(){ v=$((`date +%s`-v[3]));};B2(){ v[$1]="$v";};for i in 0 1;do eval ' B'$i'() { v=;((v['$((i+1))']==0))||{ v=No;false;};};B'$((3+i))'() { v[$2]=`'${c1[30+i]}' "${s[$3]}"<<<"${v[$1]}"`;} ';done;B5(){ v[$1]="${v[$1]}"$'\n'"${v[$2]}";};B6() { v=` paste -d: <(printf "${v[$1]}") <(printf "${v[$2]}")|awk -F: ' {printf("'"${f[$3]}"'",$1,$2)} ' `;};B7(){ v=`grep -Fv "${v[$1]}"<<<"$v"`;};C0() { [[ "$v" ]]&&sed -E "$s"<<<"$v";};C1() { [[ "$v" ]]&&printf "${f[$1]}" "${l[$2]}" "$v"|sed -E "$s";};C2() { v=`echo $v`;[[ "$v" != 0 ]]&&C1 0 $1;};C3() { v=`sed -E "${s[63]}"<<<"$v"`&&C1 1 $1;};for i in 1 2 7 8;do for j in 0 2 3;do eval D$i$j'(){ A'$i' $1 $2 $3; C'$j' $4;};';done;done;{ A0;D20 0 $((N1+1)) 2;D10 0 $N1 1;B0;C2 27;B0&&! B1&&C2 28;D12 15 37 25 8;A1 0 $((N1+2)) 3;C0;D13 0 $((N1+3)) 4 3;D23 0 $((N1+4)) 5 4;D13 0 $((N1+9)) 59 50;for i in 0 1 2;do D13 0 $((N1+5+i)) 6 $((N3+i));done;D13 1 10 7 9;D13 1 11 8 10;B1&&D73 19 53 67 55;D22 2 12 9 11;D12 3 13 10 12;D23 4 19 44 13;D23 5 14 12 14;D22 6 36 13 15;D22 20 52 66 54;D22 7 37 14 16;D23 8 15 38 17;D22 9 16 16 18;B1&&{ D82 35 49 61 51;D82 11 17 17 20;for i in 0 1;do D82 28 $((N2+i)) 45 $((N4+i));done;};D22 12 44 54 45;D22 12 39 15 21;A1 13 40 18;B2 4;B3 4 0 19;A3 14 6 32 0;B4 0 5 11;A1 17 41 20;B7 5;C3 22;B4 4 6 21;A3 14 7 32 6;B4 0 7 11;B3 4 0 22;A3 14 6 32 0;B4 0 8 11;B5 7 8;B1&&{ A8 18 26 23;B7 7;C3 23;};A2 18 26 23;B7 7;C3 24;D13 4 21 24 26;B4 4 12 26;B3 4 13 27;A1 4 22 29;B7 12;B2 14;A4 14 6 52 14;B2 15;B6 14 15 4;B3 0 0 30;C3 29;A1 4 23 27;B7 13;C3 30;B3 4 0 65;A3 14 6 32 0;B4 0 16 11;A1 26 50 64;B7 16;C3 52;D13 24 24 32 31;D13 25 37 32 33;A2 23 18 28;B2 16;A2 16 25 33;B7 16;B3 0 0 34;B2 21;A6 47 21&&C0;B1&&{ D73 21 0 32 19;D73 10 42 32 40;D82 29 35 46 39;};D23 14 1 62 42;D12 34 43 53 44;D12 22 20 32 25;D22 0 $((N1+8)) 51 32;D13 4 8 41 6;D12 21 28 35 34;D13 27 29 36 35;A2 27 32 39&&{ B2 19;A2 33 33 40;B2 20;B6 19 20 3;};C2 36;D23 33 34 42 37;B1&&D83 35 45 55 46;D23 32 31 43 38;D12 36 47 32 48;D13 10 42 32 41;D13 37 2 48 43;D13 4 5 32 1;D13 4 3 60 5;D12 21 48 49 49;B3 4 22 57;A1 21 46 56;B7 22;B3 0 0 58;C3 47;D22 4 4 50 0;D12 4 51 32 53;D23 22 9 37 7;A9;C2 2;} 2>/dev/null|pbcopy;exit 2>&-
    Copy the selected text to the Clipboard by pressing the key combination command-C.
    8. Launch the built-in Terminal application in any of the following ways:
    ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
    ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
    ☞ Open LaunchPad. Click Utilities, then Terminal in the icon grid.
    Click anywhere in the Terminal window and paste by pressing command-V. The text you pasted should vanish immediately. If it doesn't, press the return key.
    9. If you see an error message in the Terminal window such as "Syntax error" or "Event not found," enter
    exec bash
    and press return. Then paste the script again.
    10. If you're logged in as an administrator, you'll be prompted for your login password. Nothing will be displayed when you type it. You will not see the usual dots in place of typed characters. Make sure caps lock is off. Type carefully and then press return. You may get a one-time warning to be careful. If you make three failed attempts to enter the password, the test will run anyway, but it will produce less information. In most cases, the difference is not important. If you don't know the password, or if you prefer not to enter it, press the key combination control-C or just press return  three times at the password prompt. Again, the script will still run.
    If you're not logged in as an administrator, you won't be prompted for a password. The test will still run. It just won't do anything that requires administrator privileges.
    11. The test may take a few minutes to run, depending on how many files you have and the speed of the computer. A computer that's abnormally slow may take longer to run the test. While it's running, there will be nothing in the Terminal window and no indication of progress. Wait for the line
    [Process completed]
    to appear. If you don't see it within half an hour or so, the test probably won't complete in a reasonable time. In that case, close the Terminal window and report what happened. No harm will be done.
    12. When the test is complete, quit Terminal. The results will have been copied to the Clipboard automatically. They are not shown in the Terminal window. Please don't copy anything from there. All you have to do is start a reply to this comment and then paste by pressing command-V again.
    At the top of the results, there will be a line that begins with the words "Start time." If you don't see that, but instead see a mass of gibberish, you didn't wait for the "Process completed" message to appear in the Terminal window. Please wait for it and try again.
    If any private information, such as your name or email address, appears in the results, anonymize it before posting. Usually that won't be necessary.
    13. When you post the results, you might see an error message on the web page: "You have included content in your post that is not permitted," or "You are not authorized to post." That's a bug in the forum software. Please post the test results on Pastebin, then post a link here to the page you created.
    14. This is a public forum, and others may give you advice based on the results of the test. They speak only for themselves, and I don't necessarily agree with them.
    Copyright © 2014 by Linc Davis. As the sole author of this work, I reserve all rights to it except as provided in the Use Agreement for the Apple Support Communities website ("ASC"). Readers of ASC may copy it for their own personal use. Neither the whole nor any part may be redistributed.

  • Crashing cFP with http port scan?

    cFP-2010 running 6.1 RT, embedded application communicating via vi server to host #1. Embedded webserver is enabled but serving (properly) only default pages.
    Scan of port 80 causes cFP module to stop responding to port 3363 requests and crash. Seems to reboot spontaneously about half the time, other times it locks up with the red status led blinking 18 times then pausing.
    Port scan is performed from host #2 using nmap 3.50. Command is:
    nmap -A -p 80 192.168.7.24 -v
    The specific request that is causing the problem appears to be 'OPTIONS / HTTP/1.0'. The response generated is 'HTTP/1.0 501 Service Temporarily Overloaded'. No 3363 requests are responded to after this and the embedded application stops.
    Enabling webserv
    er log did not make any difference and nothing was recorded in the log. Adding a delay to the scan did not make a difference.
    Any thoughts or suggestions? We anticipate using the embedded web server so turning it off isn't really an option. Thanks.
    Matt

    >Is your compact FieldPoint system on your local subnet, or is it on a different layer of your network?
    Do you see the same issue when it's on your subnet?
    cFP is on the local subnet; haven't tried a different network.
    >Can you verify that your RT Options are set properly for the webserver? While targeted to your FieldPoint system, go to Tools->RT Target Options and then browse through each Webserver configuration area, checking that your VI is visible and that your computer has network access to your controller.
    I'm not actually browsing to any .vis yet. We're using just the default 'Fieldpoint Embedded Webserver' page that shows the IP, mac, S/N, etc. Requests for the main page and subsequent links all work properly. There are no
    restrictions on access for either the webserver or tcp.
    >If you can verify that the webserver is configured properly, let's try to narrow down whether the problem is due to an issue with the network or if it's the software on the controller.
    >Please post a reply if the problem still exists.
    Thanks for your help.
    Matt

  • Port Scan with Network Utility

    I'm a little confused by the results of a port scan I just completed using Network Utility. With ARD checked in the Sharing Services pane I believe that ports 5900 and 3283 are opened but while the port scan revealed that TCP 5900 was opened there was no mention of 3283. Could this be why I'm having trouble Observing and Controlling a remote machine? I have also checked all Access Privileges for ARD.
    Hoping someone can throw a little light on the subject.

    Thank you JD and Dave for your responses.
    I've moved on a little since my post of a week ago and although I still can't work out why the Network Utility port scan didn't detect 3283 I have been able to connect to and Observe and Control a remote client on my small LAN. I have two machines connected through a Linksys router - one connected with airport and one directly connected with ethernet.
    On the Admin machine (machine A) I have four accounts: New York, LA, Chicago and Miami.
    On the Client machine (machine B) I also have four accounts: London, Paris, Rome and Berlin.
    The main account for machine A has been New York and for machine B has been London. I have been unable to use the Observe and Control feature from New York to London although all other services are available.
    As a test I opened three other accounts on each of the two machines and discovered that I could Observe and Control using any combination of the new accounts but still not the original New York account. I have also connected to machine B using a dns service address so this tells me that port forwarding on the router is configured correctly.
    I believe there is probably something in the configuration or preferences files of the New York account which is preventing me from connecting to any of the other accounts on machine B. The error message I get when trying to Control or Observe is "Connection Failed to Machine B".
    Any thoughts on the matter would be greatly appreciated.

  • My MBP is port scanning, and I dont know why!

    Ever since this Tuesday at the office (we're all running macs) the internet keeps going down.
    I called the ISP, they told me that one of the machines looks like it has a virus running, one of them is port scanning- and that overflowed the router and froze it.
    Turns out its my personal MacBook Pro that matches the IP address he gave me. I was FTP'd into a server and downloading a website for backup.
    He said something like ports 4400- 58,000 were being scanned sequentially and that it seemed like there was a virus on the computer, I was shocked- and told him that we were all on macs. Perhaps the FTP client (called "fetch") failed to connect to one port and tried another and another ect. But, the tech guy also said that it wasn't on FTP protocol.
    Today I've been working on securing my machine. I stopped using the Wi-fi, turned on my firewall ( I know, bad idea to not have it on ) and installed ClamXav and Little Snitch.
    Perhaps I have some kind of malware? Is it too late?
    Help!

    Isp's always blame things on the mac when they don't know why something is happening to their network.
    You could launch Activity monitor and look at all the processes that are running. Sort it my cpu cycles. There could be an application stuck in update mode or one trying to phone home..like adobe updater.

  • HT3546 How do I set up my air port extreme to do port forwarding? Running 10.7.4 I have a IP camera on my local wireless net work that I want to use from my iPhone 4s and other computers.

    How do I set up my air port extreme to do port forwarding? Running 10.7.4 I have a IP camera on my local wireless net work that I want to use from my iPhone 4s and other computers.

    In most cable systems, the router you have will plug into your modem and just work automatically. A NAT (Network Address Translation) router takes your external IP and hands out LAN (Local Area Network) based IPs. All of the devices you are working with right now should handle the change automatically unless you've changed from the default automatic configuration.
    The problem with your wireless end of this is that the iPhone is not yet 802.11n, only 802.11g. Because that router is not dual band, all of your wifi devices will be forced to slow down to 802.11g speeds. This won't matter much for each device that's connecting to the internet, as your bottleneck is still going to be there. Where you will see slowdowns is device to device connections, like transferring data between the devices.

  • Port Scan is shooting blanks

    I am finding it painful to set up VPN so any help anyone can give would be real generous.
    I have been trying to connect to a VPN to tunnel L2TP via IPsec over port 1701 and PPTP over port 1723 but having no joy at all.
    Macbook (10.5.6) uses mobile broadband USB modem (dynamic IP and telecom APN settings) to access internet. Internet works great, but have been unable to push thru VPN – getting the same error message "Connection terminated by communication device". I've checked firewall settings and it is set to allow all incoming requests. Therefore, there should be no ports blocked.
    However, when I check open ports using Port Scan in Network Utilities using my session IP address the results are empty. All I get is the following:
    Port Scan has started ...
    Port Scanning host: 193.120.116.180
    Port Scan has completed ...
    Why is this not working? I'm confused
    Am I able to check open ports on my Mac using dynamic IP address within active session on my Mac?

    I am trying to set up connection to PureVPN for security purposes and have followed their config settings for my Macbook.
    So how do I check the ports on my machine, as I'm sure it's not a problem at their end. I only have one machine so don't understand how it is possible to see if ports are being blocked at my end.
    Do I run that /var/log/ppp.log in Terminal?

  • How to report possible Port scanning and DOS/Fraggle Attack??

    I have been experiencing lag while surfing the internet. One temporary solution was to get a new IP from VZ but this fix was short lived. So I became curios and dtarted to log connection attempts to my router and noticed what I saw resembled port scans and even a Fraggle/DOS attack at times. I am posting my routers log below and would like to kno how to go about reporting this abuse and what I see as malicious activity?
    Mar 29 00:34:16.843: %SEC-6-IPACCESSLOGP: list 115 denied tcp 112.216.99.210(60289) -> .(443), 1 packet
    Mar 29 02:09:24.956: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(44315) -> .(80), 1 packet
    Mar 29 02:14:54.973: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(44315) -> .(80), 4 packets
    Mar 29 04:46:18.559: %SEC-6-IPACCESSLOGP: list 115 denied tcp 123.125.67.205(60157) -> .(80), 1 packet
    Mar 29 04:51:54.975: %SEC-6-IPACCESSLOGP: list 115 denied tcp 123.125.67.205(60157) -> .(80), 1 packet
    Mar 29 08:37:38.717: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(49683) -> .(80), 1 packet
    Mar 29 08:42:54.971: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(49683) -> .(80), 4 packets
    Mar 29 11:58:37.525: %SEC-6-IPACCESSLOGP: list 115 denied tcp 69.162.74.105(4529) -> .(80), 1 packet
    Mar 29 12:00:33.395: %SEC-6-IPACCESSLOGP: list 115 denied tcp 209.216.8.220(8615) -> .(443), 1 packet
    Mar 29 12:03:55.001: %SEC-6-IPACCESSLOGP: list 115 denied tcp 69.162.74.105(4529) -> .(80), 1 packet
    Mar 29 15:09:06.512: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(39516) -> (80), 1 packet
    Mar 29 15:14:54.971: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.68.67(39516) -> (80), 4 packets
    Mar 29 20:06:44.831: %SEC-6-IPACCESSLOGP: list 115 denied tcp 190.30.227.242(45712) -> .(80), 1 packet
    Mar 29 23:42:44.255: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(58914) -> .(80), 1 packet
    Mar 29 23:47:54.968: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(58914) -> .(80), 2 packets
    Mar 30 01:19:56.075: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48356) -> .(80), 1 packet
    Mar 30 01:25:54.971: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48356) -> .(80), 2 packets
    Mar 30 01:51:48.109: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(32276) -> .(80), 1 packet
    Mar 30 01:56:54.968: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(32276) -> .(80), 2 packets
    Mar 30 02:15:11.578: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48235) -> .(80), 1 packet
    Mar 30 02:20:54.969: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48235) -> .(80), 2 packets
    Mar 30 02:49:55.370: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(65092) -> .(80), 1 packet
    Mar 30 02:55:54.967: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(65092) -> .(80), 2 packets
    Mar 30 03:05:05.854: %SEC-6-IPACCESSLOGP: list 115 denied tcp 59.178.47.229(3152) -> .(23), 1 packet
    Mar 30 03:10:54.971: %SEC-6-IPACCESSLOGP: list 115 denied tcp 59.178.47.229(3152) -> .(23), 1 packet
    Mar 30 03:19:07.806: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(28767) -> .(80), 1 packet
    Mar 30 03:24:54.967: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(28767) -> .(80), 2 packets
    Mar 30 03:43:44.223: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(22501) -> (80), 1 packet
    Mar 30 03:48:54.968: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(22501) -> (80), 2 packets
    Mar 30 04:11:31.035: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(47011) -> .(80), 1 packet
    Mar 30 04:16:54.970: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(47011) -> .(80), 2 packets
    Mar 30 04:42:01.195: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(56753) -> .(80), 1 packet
    Mar 30 04:47:54.967: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(56753) -> .(80), 2 packets
    Mar 30 05:11:34.130: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(35301) -> .(80), 1 packet
    Mar 30 05:16:54.967: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(35301) -> .(80), 2 packets
    Mar 30 05:41:22.621: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(33024) -> .(80), 1 packet
    Mar 30 05:46:54.970: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(33024) -> .(80), 2 packets
    Mar 30 06:08:02.091: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(54807) -> .(80), 1 packet
    Mar 30 06:13:54.970: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(54807) -> .(80), 2 packets
    Mar 30 06:34:59.547: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(29217) -> .(80), 1 packet
    Mar 30 06:40:54.969: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(29217) -> .(80), 2 packets
    Mar 30 07:03:04.100: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(54153) -> .(80), 1 packet
    Mar 30 07:08:54.967: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(54153) -> .(80), 2 packets
    Mar 30 07:31:13.494: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(17308) -> .(80), 1 packet
    Mar 30 07:36:54.969: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(17308) -> .(80), 2 packets
    Mar 30 08:02:27.161: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48707) -> .(80), 1 packet
    Mar 30 08:07:54.966: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(48707) -> .(80), 2 packets
    Mar 30 08:33:47.283: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(28540) -> .(80), 1 packet
    Mar 30 20:04:23.585: %SEC-6-IPACCESSLOGP: list 115 denied tcp 115.89.213.165(22702) -> .4(22), 1 packet
    Mar 30 20:21:10.696: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(35592) -> .(80), 1 packet
    Mar 30 20:26:54.964: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(35592) -> .(80), 2 packets
    Mar 30 20:52:52.313: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(25460) -> .(80), 1 packet
    Mar 30 20:57:54.965: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(25460) -> .(80), 2 packets
    Mar 30 21:30:11.984: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(17145) -> .(80), 1 packet
    Mar 30 21:35:54.963: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(17145) -> .(80), 2 packets
    Mar 30 21:43:27.829: %IP_VFR-4-FRAG_TABLE_OVERFLOW: FastEthernet0/1: the fragment table has reached its maximum threshold 16
    Mar 30 21:43:27.889: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.200 -> . (0/0), 1 packet
    Mar 30 21:48:54.965: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.213 -> (0/0), 1 packet
    Mar 30 21:48:54.965: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.214 -> (0/0), 1 packet
    Mar 30 21:48:54.969: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.201 -> (0/0), 1 packet
    Mar 30 21:48:54.969: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.203 -> (0/0), 1 packet
    Mar 30 21:48:54.969: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.202 -> (0/0), 1 packet
    Mar 30 21:48:54.969: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.204 -> . (0/0), 1 packet
    Mar 30 21:48:54.973: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.205 -> (0/0), 1 packet
    Mar 30 21:48:54.973: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.206 -> (0/0), 1 packet
    Mar 30 21:48:54.973: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.210 -> . (0/0), 1 packet
    Mar 30 21:48:54.977: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.211 -> (0/0), 1 packet
    Mar 30 22:01:32.255: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(30967) -> .(80), 1 packet
    Mar 30 22:06:54.964: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(30967) -> .(80), 2 packets
    Mar 30 22:10:18.301: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(31796) -> .(80), 1 packet
    Mar 30 22:15:54.965: %SEC-6-IPACCESSLOGP: list 115 denied tcp 65.52.110.34(31796) -> .(80), 2 packets
    Mar 30 23:03:12.464: %SEC-6-IPACCESSLOGP: list 115 denied tcp 88.208.220.10(55906) -> .(21), 1 packet
    Mar 30 23:08:54.966: %SEC-6-IPACCESSLOGP: list 115 denied tcp 88.208.220.10(55906) -> .(21), 1 packet
    Mar 31 00:41:30.769: %SEC-6-IPACCESSLOGP: list 115 denied tcp 115.89.213.165(35443) -> .(22), 1 packet
    Mar 31 03:00:11.425: %SEC-6-IPACCESSLOGP: list 115 denied tcp 128.59.14.102(58521) -> .(80), 1 packet
    Mar 31 03:00:12.527: %SEC-6-IPACCESSLOGP: list 115 denied tcp 128.59.14.102(42339) -> .(23), 1 packet
    Mar 31 03:05:54.964: %SEC-6-IPACCESSLOGP: list 115 denied tcp 128.59.14.102(41726) -> .(23), 1 packet
    Mar 31 03:05:54.964: %SEC-6-IPACCESSLOGP: list 115 denied tcp 128.59.14.102(59178) -> .(80), 1 packet
    Mar 31 03:46:26.767: %SEC-6-IPACCESSLOGP: list 115 denied tcp 184.154.4.85(58071) -> .(80), 1 packet
    Mar 31 04:12:08.935: %SEC-6-IPACCESSLOGP: list 115 denied tcp 109.104.74.10(51151) -> .(22), 1 packet
    Mar 31 12:10:19.683: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.72.53(51886) -> .(80), 1 packet
    Mar 31 12:15:54.960: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.72.53(51886) -> .(80), 4 packets
    Mar 31 14:23:34.316: %SEC-6-IPACCESSLOGP: list 115 denied tcp 94.251.160.199(32941) -> .(443), 1 packet
    Mar 31 14:28:54.962: %SEC-6-IPACCESSLOGP: list 115 denied tcp 94.251.160.199(32941) -> .(443), 1 packet
    Mar 31 20:37:34.630: %SEC-6-IPACCESSLOGP: list 115 denied tcp 208.100.1.174(39803) -> .(21), 1 packet
    Mar 31 20:40:49.542: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.72.53(53348) -> .(80), 1 packet
    Mar 31 20:45:54.958: %SEC-6-IPACCESSLOGP: list 115 denied tcp 66.249.72.53(53348) -> .(80), 4 packets
    Mar 31 21:18:03.788: %IP_VFR-4-FRAG_TABLE_OVERFLOW: FastEthernet0/1: the fragment table has reached its maximum threshold 16
    Mar 31 21:18:03.832: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.200 -> (0/0), 1 packet
    Mar 31 21:23:54.960: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 130.81.137.230 -> (0/0), 2 packets
    Mar 31 21:23:54.960: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.202 -> (0/0), 1 packet
    Mar 31 21:23:54.964: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.201 -> (0/0), 1 packet
    Mar 31 21:23:54.964: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.204 -> . (0/0), 1 packet
    Mar 31 21:23:54.964: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.205 -> (0/0), 1 packet
    Mar 31 21:23:54.964: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.207 -> . (0/0), 1 packet
    Mar 31 21:23:54.968: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.208 -> . (0/0), 1 packet
    Mar 31 21:23:54.968: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.206 -> . (0/0), 1 packet
    Mar 31 21:23:54.968: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.210 -> . (0/0), 1 packet
    Mar 31 21:23:54.972: %SEC-6-IPACCESSLOGDP: list 115 denied icmp 98.117.72.203 -> (0/0), 1 packet
    Mar 31 21:57:25.351: %SEC-6-IPACCESSLOGP: list 115 denied tcp 115.89.213.165(59472) -> .(22), 1 packet
    Mar 31 22:00:45.852: %SEC-6-IPACCESSLOGP: list 115 denied tcp 87.234.32.189(49412) -> .(25), 1 packet
    Mar 31 22:05:54.959: %SEC-6-IPACCESSLOGP: list 115 denied tcp 87.234.32.189(49412) -> .(25), 1 packet

    You're getting hit from IPs from everywhere, so there's no true person to ask in regards to this. Whoever had your IP last was probably up to no good, or it's possible for some reason your IP was targeted. Might also be possible that whoever had your IP last was running servers. My Dedicated server gets hit with this nonsense all the time. Sometimes it's an issue with someone trying to DoS one of the game servers I run on it. Causes lag for only a few seconds before the hardware firewall in front of the server kicks in and handles the rest. China I actually wound up blocking access to entirely for a month or two since I've hardly seen anything that wasn't a port scan or an SSH/FTP hacking attempt.
    A few of those IPs are owned by Google and Microsoft, which implies there was probably an HTTP server at one point running on the IP you're using now.
    ========
    The first to bring me 1Gbps Fiber for $30/m wins!

  • How do i go to the port scan in yosemite 10.10?

    I need to go to the port scan because of my email settings and i just can't, i have done everything and i can't do it, pls help me
    thx

    http://osxdaily.com/2014/05/20/port-scanner-mac-network-utility/

Maybe you are looking for

  • 'revisiond' crashes every 10 seconds

    I recently updated from a 2010 MacBook Pro to a 2013 model four days ago. Aside from needing to re-index my mail to make searching possible, the transfer from my Time Machine backup seemed to go flawlessly. However, there's been a complication; Sever

  • Unable to see Hyperion FR reports in PDF view.

    Hi All, We are using Hyperion 11.1.1.3 version .User can able to open the report in HTML view but not in PDF View.When users try to open the report in PDF view ,found that PDF view grayed out(disabled).we tried to change the file preference-->preview

  • Largest Thumbnail for viewing on 24" monitor

    Good Morning! I'm runnung bridge 2.1.1.9 and I have a 24" monitor and I'm wondering if there is a way to make the thumbnail large enough for 1 in the light table area instead of 2 now showing?  I've moved the slider in the lower right all the way to

  • Error in MDDataSetBW.GetCellData

    Hi Expert -  I got this error message while running any webi report. "A database error occurred.  The database error text is:  Error in MDDataSetBW.GetCellData.  See RFC trace file or SAP system log for more details. (WIS 10901)" How can i see - RFC

  • Windows Native Authentication with 2 AD domains

    I have installed 10g infrastructure on win2k server. I completed the steps in note 282074.1 and WNA is working for the first domain (norris.intra). I now want to have this work for a second domain (shoremont.intra). These 2 AD domains are in separate