Hi, I have a question regarding ZA Firewall alerts. In the last two days I seem to be having many attempted connections form various IP addresses. They are mainly labelled as (TELNET) but some are also (TCP port 445) and most are designated high risk. All are being blocked by the ZA firewall. In some instances I am getting one a minute.
Is this a hacking attack or just random attempts to find a vulnerable computer? I have not noticed this behaviour before to this degree. Below I have copied in an example from the log.
I dont know if it is related but this seems to have happened since the latest ZA program update. I have done a scan with 3 different Virus/malware scanners and they show a clean system.
FWIN,2010/07/28,23:29:24 +8:00 GMT,22.214.171.124:14324,126.96.36.199:445,TCP (flags:S)
FWIN,2010/07/28,23:29:36 +8:00 GMT,188.8.131.52:3054,184.108.40.206:445,TCP (flags:S)
FWIN,2010/07/28,23:29:48 +8:00 GMT,220.127.116.11:5060,18.104.22.168:5060,UDP
FWIN,2010/07/28,23:32:46 +8:00 GMT,22.214.171.124:4065,126.96.36.199:445,TCP (flags:S)
FWIN,2010/07/28,23:39:10 +8:00 GMT,188.8.131.52:2155,184.108.40.206:445,TCP (flags:S)
Any advice would be appreciated.
WIN 7 Home premium
ZA Antivirus Ver 9.3.014.000
AV engine ver 220.127.116.11 1023244288
ZA Browser Sec 18.104.22.168