ipfw.log question

H

hokie

Registered
is my imac under attack?
thanks fou your help.

my imac's ipfw.log looks like this:
Nov 28 22:15:18 xxxxx-xxxxxxxxxxx-imac ipfw: 12190 Deny TCP 217.129.77.106:7994 xxx.xxx.xxx.xxx:5900 in via en0
Nov 28 22:15:21 xxxxx-xxxxxxxxxxx-imac ipfw: 12190 Deny TCP 217.129.77.106:7994 xxx.xxx.xxx.xxx:5900 in via en0
Nov 28 22:15:27 xxxxx-xxxxxxxxxxx-imac ipfw: 12190 Deny TCP 217.129.77.106:7994 xxx.xxx.xxx.xxx:5900 in via en0
Nov 28 22:15:29 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:1026 from 144.195.182.19:30799
Nov 28 22:16:13 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:6881 from 222.84.13.47:20196
Nov 28 22:28:01 xxxxx-xxxxxxxxxxx-imac ipfw: 12190 Deny TCP 210.1.72.195:3578 xxx.xxx.xxx.xxx:22 in via en0
Nov 28 22:28:05 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:1026 from 130.218.179.128:30799
Nov 28 22:30:37 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:1026 from 204.16.210.72:42033
Nov 28 22:30:37 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:1027 from 204.16.210.72:42033
Nov 28 22:30:37 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:1027 from 204.16.210.72:42033
Nov 28 22:34:14 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:1026 from 204.16.210.100:42878
Nov 28 22:34:14 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:1027 from 204.16.210.100:42878
Nov 28 22:35:34 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:1026 from 207.116.184.35:30799
Nov 28 22:36:15 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:6881 from 222.84.13.47:20196
Nov 28 22:37:35 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:1026 from 204.16.210.60:48618
Nov 28 22:37:35 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:1027 from 204.16.210.60:48618
Nov 28 22:37:35 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:1026 from 204.16.210.60:48618
Nov 28 22:41:56 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:1026 from 204.16.208.66:35898
Nov 28 22:54:41 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:1026 from 204.16.210.100:42878
Nov 28 22:54:41 xxxxx-xxxxxxxxxxx-imac ipfw: Stealth Mode connection attempt to UDP xxx.xxx.xxx.xxx:1027 from 204.16.210.100:42878
 
Well it is a port scan done most likely being controlled by a hacker using a zombie computer. This is why you should most always use an external firewall = use a software firewall. These kinds of scans come to anyone who uses a broadband connection, PC or Mac.

Better being safe than sorry.
 
You must log in or register to reply here.
Back
Top