DCOM expoit

  • Thread starter Thread starter Mike H
  • Start date Start date
M

Mike H

Avast is blocking this every five to ten minutes. It's from
67.5.138.1:135 tcp. There is very little info on this and what there is
seems pretty old. Is there a serious problem here and is there any way
to see if this is directed at this computer?
thanks!
 
From: "Mike H" <[email protected]>

| Avast is blocking this every five to ten minutes. It's from
| 67.5.138.1:135 tcp. There is very little info on this and what there is
| seems pretty old. Is there a serious problem here and is there any way
| to see if this is directed at this computer?
| thanks!

It depends. If you are on a DSL or Cable connection, get a cable/DSL Router such as the
Linksys BEFSR41. This will isolate those Exploits to the Router and not the PC and Avast
will have nothing to alert about.

To increase the security, I always suggest blocking both TCP and UDP ports 135 ~ 139 and 445
on *any* SOHO Router.
 
Mike said:
Avast is blocking this every five to ten minutes. It's from
67.5.138.1:135 tcp.
Click to expand...

Avast is an anti-virus program (which I have). Are you sure you don't
mean a firewall? Which one?

Are you by chance on a Qwest connection in Washington state? That IP
belongs to Qwest and is probably pinging neighboring IPs looking for new
victims. I'm on RoadRunner cable, and I get about 600 hits per hour from
neighbors in my same netblock.

Rest easy; your firewall is doing its job.
 
Beauregard said:
Mike H wrote:




Avast is an anti-virus program (which I have). Are you sure you don't
mean a firewall? Which one?

Are you by chance on a Qwest connection in Washington state? That IP
belongs to Qwest and is probably pinging neighboring IPs looking for new
victims. I'm on RoadRunner cable, and I get about 600 hits per hour from
neighbors in my same netblock.

Rest easy; your firewall is doing its job.
Click to expand...

Hmm. I also run Kerio firewall and the pop up doesn't bother to state
who's the author. I also experienced a tremendous slow down on my old
telephone line at roughly the same time these things started appearing.
I AM in western washington with (uggh) Qwest. Good guess. No
alternatives and no DSL out here in the sticks, unfortunately.
 
Mike said:
Hmm. I also run Kerio firewall and the pop up doesn't bother to state
who's the author. I also experienced a tremendous slow down on my old
telephone line at roughly the same time these things started appearing.
Click to expand...

You could put together a log and send it to your ISP's abuse desk.
I AM in western washington with (uggh) Qwest. Good guess. No
alternatives and no DSL out here in the sticks, unfortunately.
Click to expand...

Not a guess. <g>
 
Back
Top