是否中毒了 - 資安
By David
at 2008-12-20T18:35
at 2008-12-20T18:35
Table of Contents
最近發現自己在學校的PC 莫名被開了port 並上傳封包
TCP 0.0.0.0:55877 220.132.59.28:22067 SYN_SENT
TCP 0.0.0.0:55878 140.112.44.107:26458 SYN_SENT
TCP 0.0.0.0:55879 218.173.129.107:40509 SYN_SENT
TCP 0.0.0.0:55880 59.112.172.115:60591 SYN_SENT
TCP 0.0.0.0:55881 61.62.56.189:33900 SYN_SENT
TCP 0.0.0.0:55882 203.64.38.175:34741 SYN_SENT
TCP 0.0.0.0:55883 218.174.131.37:7308 SYN_SENT
TCP 0.0.0.0:55888 220.132.59.28:https SYN_SENT
TCP 0.0.0.0:55889 140.112.44.107:https SYN_SENT
TCP 0.0.0.0:55890 218.173.129.107:https SYN_SENT
TCP 0.0.0.0:55891 59.112.172.115:https SYN_SENT
TCP 0.0.0.0:55892 61.62.56.189:https SYN_SENT
TCP 0.0.0.0:55893 203.64.38.175:https SYN_SENT
TCP 0.0.0.0:55894 218.174.131.37:https SYN_SENT
請教一下這是否為木馬 還是病毒? 周三也是同樣的問題 當天就重新安裝系統
沒想到今天又出現了.. 平常只有開pcman, skype, msn, kuro
不過在家裡的電腦 同樣有類似的port
TCP home:2955 61.220.57.48:19105 TIME_WAIT
TCP home:2956 61.220.57.113:5000 TIME_WAIT
TCP home:2957 61.220.57.48:19105 TIME_WAIT
TCP home:2958 61.220.57.48:19105 TIME_WAIT
TCP home:2959 61.220.57.48:19105 TIME_WAIT
謝謝~
--
Tags:
資安
All Comments
By Rae
at 2008-12-20T21:33
at 2008-12-20T21:33
By Joe
at 2008-12-22T18:56
at 2008-12-22T18:56
By Andrew
at 2008-12-25T12:34
at 2008-12-25T12:34
Related Posts
arp病毒+ip+mac更換怎麼找出
By Tracy
at 2008-12-13T21:41
at 2008-12-13T21:41
台灣有在做網路安全?
By Andy
at 2008-12-11T14:46
at 2008-12-11T14:46
請問一下要投入IT業或資安人員
By Kama
at 2008-11-29T01:16
at 2008-11-29T01:16
arp病毒+ip+mac更換怎麼找出
By Candice
at 2008-11-26T17:53
at 2008-11-26T17:53
Thunderbird 加上 TrueCrypt
By Frederica
at 2008-11-24T00:58
at 2008-11-24T00:58