I get sporadic connection attempts to my computer when on a public wireless network (I have now switched over to wired network).
e.g. from ports 1529, 3399, 3400-3404, 3398, 3441, 3476, 3477 on the "attacking computer" to my ports 515, 9100, 2191, 80, 443, 81, 139, 80, 445, 139. This only happened once and ZA-ISS blocked all attempts.
After checking what most of my ports are (being either for file/printer sharing, NETBIOS session, internet server, etc.) is this a malicious attack? Or is this probably a malware (worm) infected computer on the network trying to scan through to other potential unprotected computers?
I posted a similar question previously because I was getting a few attempts (1 to 3 times) onto ports 80 and 445 each day for the past week when on the public wireless network.
ZA reports that the Source DNS is coming from my schools public wireless network.
netstat -anob shows all ports closed (except 445 which windows leaves open always)
HiJack This! and other malware/antivirus scans all show up clean.
Using ZA-FF for browsing too, so I am doubting a back-door trojan as of now. (but could be?)
Windows XP Pro
ZoneAlarm Internet Security Suite
Message Edited by riceorony on 11-17-2008 09:10 AM