Jump to content

cloudytechi147

Members
  • Posts

    1
  • Joined

  • Last visited

    Never

Posts posted by cloudytechi147

  1. I got a notification from my Kaspersky antivirus on my windows 10 (which is always on) Apparently, there was a port scan and it was blocked.

    User: NT AUTHORITY\SYSTEM
    User type: System user
    Component: Network Attack Blocker
    Result description: Blocked
    Name: Scan.Generic.PortScan.TCP
    Object: TCP from 104.152.52.xxx at 192.168.0.10:1701
    Additional: 192.168.0.10
    Databases release date: Yesterday, 1/19/2022 12:34:00 PM
    1. 192.168.0.10 is a virtual machine running debian; I have UFW on this debian and port 1701 is not in any UFW rules. (so it's not allowed)
    2. I have done a grep on the ports of the debian VM using: sudo netstat -tulpn | grep 1701 Found nothing
    3. I assume the port scan has been done on all the machines in my network?
    4. How can I find out where the scan comes from?
    5. What are the consequences? What should I do next?

    ----------
    code from types of IP addresses.

×
×
  • Create New...