Hi. I got a cable modem last month, and after reading many articles about
security I installed ZoneAlarm. I have my File and Print sharing off, and
ZoneAlarm set to it's high security setting. Well, I've noticed a lot of
alerts...All from address 208.184.17t2.xxx:1975 o many of my ports. I tried
Sam Spade, but I'm not much in the know when it comes to this stuff. I
think there were entries for bogus rDNS under the addresses I'm suspecting.
Well, I did a netstat in dos, and I saw the same addresses...mostly with
TIME_WAIT, but occasionally a connection was ESTABLISHED or SYN_SENT
(whatever that means).
So, I would like to know:
1. Am I being hacked? Attempted?
2. Who is this 208.184.172.xxx that's contacting my computer?
3. If I am being targeted, with the setup I have, how safe am I? And if
so, Any other common (cheap) precautions?
Thanks, Mark Moreau.
4. Netware Copy