Ask Leo!

I'm being notified of an intrusion attempt, what should I do?

Home » Viruses and Malware » Malware Prevention

Summary: Intrusion attempts are actually common - you'd be surprised at how much internet traffic is due to infected machines trying to infect other machines.

The security on my computer says network traffic from (some IP address) matches the signature of a known attack. does this mean someone tried to hack into my computer and if so, how do i find out who it was?

Yes it does, and no it doesn't.

And finding out who it was it not only difficult, but probably pointless as well.

While it's certainly possible that someone is attempting to break in to your computer, it's really not very likely. By that I mean that unless you present some kind of lucrative target for some reason, there's not likely to be someone out there trying to get at you specifically.

What's more likely is that:

  • There are thousands of infected computers out there

  • They're trying to infect anyone who isn't protected

"Firewalls protect you from these random and unauthorized attempts."

Most viruses work by trying to infect other machines once they've infected yours. They do that through a number of different ways, but the important thing here is that they're simply machines, and they're dumb. They're just looking to infect anyone that they can reach.

If you were to actually look at the traffic on the internet you'd see that a great portion of it is exactly that: infected machines randomly or methodically attempting to reach out and infect other machines.

This is why you need a firewall. Even a NAT router will do. Firewalls protect you from these random and unauthorized attempts.

The great news here, is that it sounds like you already have that in place. It's likely your firewall that's reporting the intrusion attempt.

You could try to track down the infected machine trying to infect you, I suppose. The problem is that with only the IP address you can only get as far as the ISP that provides that machine's internet connection. That's not going to do much for you.

In your shoes, I'd ignore it, knowing that my firewall was protecting me, and get on with my life.

Related:

More articles about: Malware Prevention

Article Useful? Link to it from your own website; just copy/paste this HTML:

Article 11665 | Posted July 14, 2007

Recent Comments

If you need a great firewall, there is a free one called zone alarm. Go to www.zonealarm.com and download the free one. You can also have a free trial for 15 days of a virus protector but I wouldn't take it. The best virus protector in my opinion is Avg. This is free also and is available at
http://rd.bcentral.com/?ID=4765304&s=149596295
or you can go to www.grisoft.com and try and find it that way.

Posted by: Trevor at July 20, 2007 07:58 PM

Post a comment on "I'm being notified of an intrusion attempt, what should I do?":






(Email Address will not be published.)

Remember Me?

By popular demand...
my tip jar
Cuppa Joe
Buy Leo a Latte!


New!

RSS feed Subscribe to the RSS Feed specifically for comments on this article.

Before commenting, please...

Please wait. Your comment is being processed ...


Ask Your Question:


ask-leo.com
Web

Archives

By Category
By Date

Advertisers

Advertise on Ask Leo!

««   »»

Question? - Ask Leo!
Who is Leo?
Link to Leo!

Terms, Conditions & Privacy