Go Back   Computer Forums > General Computing > Hardware
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 04-23-2006, 10:47 PM   #11
Baseband Member
 
Join Date: Apr 2006
Posts: 50
Send a message via AIM to DanielASanders Send a message via MSN to DanielASanders Send a message via Yahoo to DanielASanders
Default Re: netBIOS

I used to get alot of those when sasser and all its variants were in the wild. I also got a lot of port scans as well. Its fairly common for worms and trojans to try to connect to computers on ports where there are known security holes.

On further inspection however, that is an internal IP address that is trying to connect. Do you have your WAP open? Someone may be piggybacking on your connection and trying to browse your computer.
__________________

__________________
I wish I could buy people for what they're worth and sell them for what they think they're worth.
DanielASanders is offline   Reply With Quote
Old 04-23-2006, 10:50 PM   #12
Daemon Poster
 
uid=[0]'s Avatar
 
Join Date: Apr 2006
Posts: 906
Send a message via Yahoo to uid=[0]
Default Re: netBIOS

Thats what it sounds like to me, unless he just has other computers on the network, i do know that if there are, windows will check to see if the other computers are alive.
__________________

__________________
"Security is nothing more than a thought that makes you sleep well at night." - Me
MCSE/MCSA
Security+/Network+
Wireless Network Security Spec.
uid=[0] is offline   Reply With Quote
Old 04-23-2006, 11:45 PM   #13
Golden Master
 
ArrizX's Avatar
 
Join Date: Apr 2005
Posts: 16,073
Send a message via MSN to ArrizX
Default Re: netBIOS

Quote:
Originally Posted by uid=[0]
To fix this issue, you need to disable file/print sharing. that is why it is on. to do this you can use msconfig and go to the services tab, and disable the option titled "Server"

---edited---

also i noticed, that your probably running a netgear router. if so chances are you shouldnt have to worry about it, unless your wireless is open.
Well, im not on that kinda network. Its just shared wireless internet. Not shared printing.

D-Link and encrypted.

Quote:
Originally Posted by DanielASanders
I used to get alot of those when sasser and all its variants were in the wild. I also got a lot of port scans as well. Its fairly common for worms and trojans to try to connect to computers on ports where there are known security holes.

On further inspection however, that is an internal IP address that is trying to connect. Do you have your WAP open? Someone may be piggybacking on your connection and trying to browse your computer.
Well, my mom has a wireless laptop, but its not piggybacking off my connection. Because its wireless, and she has the network code in it.

Quote:
Originally Posted by uid=[0]
Thats what it sounds like to me, unless he just has other computers on the network, i do know that if there are, windows will check to see if the other computers are alive.
Correct two others on the wirelss. Although, one isnt in use. And as I said before the other isnt piggybacking off mine. Unless I dont know what im talkiing about, lol.
__________________
. ()()()()
./l ,[_\_\ ],
l---L ()lllllll()-
()_) ()_)--o-)_)
ArrizX is offline   Reply With Quote
Old 04-24-2006, 12:57 AM   #14
Baseband Member
 
Join Date: Apr 2006
Posts: 50
Send a message via AIM to DanielASanders Send a message via MSN to DanielASanders Send a message via Yahoo to DanielASanders
Default Re: netBIOS

For clarification, by piggybacking I meant using your wireless connection without your consent. Wardrivers, "haXors", people with too much free time, etc.

I believe that this is nothing to worry about. As uid=[0] pointed out, Windows will search the network sending the NetBIOS packets out to discover any computers. Just to make sure, I would check the IP address on the other computers and see if one matches the one you are getting the alert to. If it is, you are in the clear. If not, its time to change security settings on the WAP.
__________________
I wish I could buy people for what they're worth and sell them for what they think they're worth.
DanielASanders is offline   Reply With Quote
Old 04-24-2006, 01:15 AM   #15
Golden Master
 
ArrizX's Avatar
 
Join Date: Apr 2005
Posts: 16,073
Send a message via MSN to ArrizX
Default Re: netBIOS

Although, its from the same IP every damn time!
__________________
. ()()()()
./l ,[_\_\ ],
l---L ()lllllll()-
()_) ()_)--o-)_)
ArrizX is offline   Reply With Quote
Old 04-24-2006, 08:04 AM   #16
Fully Optimized
 
gaming_freak's Avatar
 
Join Date: Jul 2005
Posts: 2,158
Default Re: netBIOS

its not a hacker, i get the same thing on my other comps with zone alarm, im pretty sure its just one of the other comps trying to connect with that comp just to see if its there or something, just block it and tell it not to show again
__________________
ASUS P6X58D premium | i7 920 D0 @ 4.2GHz | Corsair XMS3 6GB | MSI GTX460 HAWK | OCZ vertex 2 SSD | Coolermaster HAF X case
gaming_freak is offline   Reply With Quote
Old 04-24-2006, 11:18 AM   #17
Daemon Poster
 
uid=[0]'s Avatar
 
Join Date: Apr 2006
Posts: 906
Send a message via Yahoo to uid=[0]
Default Re: netBIOS

Quote:
Originally Posted by ArrizX
Well, im not on that kinda network. Its just shared wireless internet. Not shared printing.
It does not matter, more often that not, windows has that option enabled by default. So regardless of if you are or are not, you still need to check that, and chances are that it is still on. also you say its coming from the same ip? do you manually configure the IP's on your computer? If not i might suggest doing that, so you know.... Computer A. = 192.168.0.10 B. = 192.168.0.11 and so on, so when you get an ip with activity, other what one you have assigned you will know it is not one of your computers, and you can go into your DHCP settings in your router, and configure it for only 5 computers online, or for however many computers you have. for example.... if you have 5 set it to allow 5, otherwise if you dont, your basicly allowing anyone who can crack your WEP key to walk right into your network.
__________________
"Security is nothing more than a thought that makes you sleep well at night." - Me
MCSE/MCSA
Security+/Network+
Wireless Network Security Spec.
uid=[0] is offline   Reply With Quote
Old 04-24-2006, 08:55 PM   #18
Golden Master
 
ArrizX's Avatar
 
Join Date: Apr 2005
Posts: 16,073
Send a message via MSN to ArrizX
Default Re: netBIOS

No one is cracking my WEP key on my router. I live almost litterally in the the midle of no where. So, its possible is this one dude on the internet. Because hes pissed that I banned him. So.. Yeah..
__________________
. ()()()()
./l ,[_\_\ ],
l---L ()lllllll()-
()_) ()_)--o-)_)
ArrizX is offline   Reply With Quote
Old 04-25-2006, 07:45 AM   #19
Daemon Poster
 
uid=[0]'s Avatar
 
Join Date: Apr 2006
Posts: 906
Send a message via Yahoo to uid=[0]
Default Re: netBIOS

Not likely, unless he is an uber leet haxor, he will not get past the hardware firewall on your router, unless of course it is not on, or you are sitting in the DMZ port. and besides.... that is an internal ip. not external. he would have to be sitting on your network to do that. such as if he was able to sucessfully hack one of the other computers on your network.
__________________
"Security is nothing more than a thought that makes you sleep well at night." - Me
MCSE/MCSA
Security+/Network+
Wireless Network Security Spec.
uid=[0] is offline   Reply With Quote
Old 04-25-2006, 04:47 PM   #20
Golden Master
 
ArrizX's Avatar
 
Join Date: Apr 2005
Posts: 16,073
Send a message via MSN to ArrizX
Default Re: netBIOS

Oh, well ight, thanks alot for your help dude
__________________

__________________
. ()()()()
./l ,[_\_\ ],
l---L ()lllllll()-
()_) ()_)--o-)_)
ArrizX is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 10:20 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0