natimage Posted October 31, 2003 Posted October 31, 2003 When I log into Cpanel...it shows me logged in from DNS sdn-ap-015neomahP0350.dialsprint.net.When I look at my ZoneAlarm logs...I have literally 100s of source DNS entries that are very similar to that above, trying to access my computer up to 5 times a minute. Here's one example: sdn-ap-013neomahP0204.dialsprint.net. They do vary from this...but they all have the same format. Also, the source and destination IP entries are similar. Sounds to me like I could have a virus...yet my virus definitions are up to date and I just ran AVG this morning! I know that when I used to access Cpanel, it showed a simple IP. I did change ISPs recently. Can anyone shed any light on this for me? Thanks, Tracy Quote
shakes Posted October 31, 2003 Posted October 31, 2003 are you using sprint for your ISP? genereally ISPs will assign dynamic dns names to you when you connect. So anything from your isp will have something.dialsprint.net ... that's why it shows up in cpanel as your connection. as for the entries in zone alarm ... it could be people probing the network for open PCs ... as long as zone alarm is stopping the requests there's no problem... although in my opinion you should be behind a broadband router anyway (assuming you have dsl or cable)... too much at risk when your machine is dangling directly off your net connection. Quote
taznumber1 Posted October 31, 2003 Posted October 31, 2003 That is acutaly a dialip connection. I have earthlink and I get the exact same mesage when I am dialing in, and not on my cable connection. Quote
natimage Posted October 31, 2003 Author Posted October 31, 2003 Yes I'm on dialup...and I use Earthlink. But why are they constantly pinging my computer? Isn't 5 times in a minute a bit excessive? Quote
shakes Posted October 31, 2003 Posted October 31, 2003 should have guessed it was dial up with "dialsprint.net" anyway ... yeah it's excessive ... but what I'm saying is it could be some kid with a cable modem and some application running that scans the network for open machines that he can get any information from. In which case it will try over and over again. or it could be someone with the welchia virus broadcasting traffic trying to spread. does zonealarm give you a port number? Quote
natimage Posted October 31, 2003 Author Posted October 31, 2003 No, I can't find that it gives a port number... I can tell you that according to ZoneAlarm, the pings are originating from all over the U.S. I don't know how accurate their WHOIS maps are, though. Quote
shakes Posted October 31, 2003 Posted October 31, 2003 honestly ... as long as zonealarm is blocking the requests i wouldn't worry about it. Unless you can prove these are malicious, you can't do anything about it. from my experiences zone alarm is pretty solid and keeps most things out. Quote
natimage Posted October 31, 2003 Author Posted October 31, 2003 Thanks for the help and the info!! Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.