Am I under hacker Attack ??

gjf · #1 07-06-2003, 07:51 AM

Like you can see, I found the hacker attack on the log
Outpost file.
My question is: What is the reason that
Outpost identify that access like a
hacker attack kind ?
The Outpost follow some rules to do that ?
Or manage the local ports thats never
receive a conection try ?
Where I can see this firewall rules ?

Thanks for all comments.

Block Hacker IP After Attack 200.xxx.yyy.175 2106 4428 00:46:29 TCP SYSTEM IN REFUSED 00:00:01 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2226 3401 01:11:21 TCP SYSTEM IN REFUSED 00:01:37 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2224 4428 01:11:21 TCP SYSTEM IN REFUSED 00:01:21 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2196 3401 01:04:51 TCP SYSTEM IN REFUSED 00:00:01 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2191 4428 01:04:35 TCP SYSTEM IN REFUSED 00:00:01 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2196 3401 01:04:30 TCP SYSTEM IN REFUSED 00:00:01 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2191 4428 01:04:14 TCP SYSTEM IN REFUSED 00:00:01 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2107 3401 00:47:03 TCP SYSTEM IN REFUSED 00:00:02 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2226 3401 01:11:21 TCP SYSTEM IN REFUSED 00:01:58 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2107 3401 00:46:44 TCP SYSTEM IN REFUSED 00:00:01 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2242 4428 01:14:38 TCP SYSTEM IN REFUSED 00:00:01 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2017 4428 00:31:00 TCP SYSTEM IN REFUSED 00:00:21 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2018 3401 00:31:00 TCP SYSTEM IN REFUSED 00:00:21 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2018 3401 00:31:00 TCP SYSTEM IN REFUSED 00:00:01 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2017 4428 00:31:00 TCP SYSTEM IN REFUSED 00:00:01 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 1945 3401 00:13:25 TCP SYSTEM IN REFUSED 00:00:01 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 1944 4428 00:13:12 TCP SYSTEM IN REFUSED 00:00:01 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 1945 3401 00:13:05 TCP SYSTEM IN REFUSED 00:00:03 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2106 4428 00:46:45 TCP SYSTEM IN REFUSED 00:00:05 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2291 4428 01:28:04 TCP SYSTEM IN REFUSED 00:00:01 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2320 3401 01:34:02 TCP SYSTEM IN REFUSED 00:00:01 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2320 3401 01:33:39 TCP SYSTEM IN REFUSED 00:00:02 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2318 4428 01:33:39 TCP SYSTEM IN REFUSED 00:00:02 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2309 4428 01:32:17 TCP SYSTEM IN REFUSED 00:00:01 0 bytes/s 0 bytes 0 bytes
Block Hacker IP After Attack 200.xxx.yyy.175 2311 3401 01:32:17 TCP SYSTEM IN REFUSED 00:00:01 0 bytes/s 0 bytes 0 bytes

***chrisclu*** · #2 07-06-2003, 02:00 PM

quote:: What is the reason that
Outpost identify that access like a
hacker attack kind ?:
Because you had inbound communication to multiple ports from the same IP.
Looks like Outpost handled it well though.
Chris

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)