[mrbeast]

I don't know where to post this but here goes. I am using win xp home edition and I have sygate firewall. Everyday I am getting an active response notice in my firewall. I traced it back and it comes up with dsl.bell.ca. I am on a satellite internet connection (rural service). I have talked to bell my ISP and they told me that it is my IP address that is sending these active responses. I have no idea about any of this. Here is the log file from my firewall.
08/22/2010 10:15:02 Port Scan Minor Incoming TCP 174.88.6.136 174.88.6.54 1 08/22/2010 10:15:02 08/22/2010 10:15:02

08/22/2010 10:15:17 Active Response Major Incoming Unknown 174.88.6.136 174.88.6.54 1 08/22/2010 10:15:03 08/22/2010 10:15:03

08/22/2010 10:25:07 Active Response Disengaged Information Unknown Unknown 174.88.6.136 0.0.0.0 1 08/22/2010 10:25:03 08/22/2010 10:25:03

Now bell tells me that 174.88.6.54 is my IP address. i have 3 logs with the same information on it.
08/21/2010 11:36:17 Port Scan Minor Incoming TCP 174.89.147.223 174.89.147.217 1 08/21/2010 11:36:02 08/21/2010 11:36:02

08/21/2010 11:36:32 Active Response Major Incoming Unknown 174.89.147.223 174.89.147.217 1 08/21/2010 11:36:18 08/21/2010 11:36:18

08/21/2010 11:46:32 Active Response Disengaged Information Unknown Unknown
08/24/2010 04:41:41 Port Scan Minor Incoming TCP 174.88.6.59 174.88.6.54 1 08/24/2010 04:41:44 08/24/2010 04:41:44

08/24/2010 04:41:48 Active Response Major Incoming Unknown 174.88.6.59 174.88.6.54 1 08/24/2010 04:41:46 08/24/2010 04:41:46

13 08/24/2010 04:51:44 Active Response Disengaged Information Unknown Unknown 174.88.6.59 0.0.0.0 1 08/24/2010 04:51:46 08/24/2010 04:51:46

These attacks seem to happen when I am not at my computer. One noght somebody tried to send me a file. I do not have this log file but when I traced it back it went to... yup u guessed it bell. Now the tech's on the phone can't help me they have no idea why my computer would be pinging itself. I have my firewall set up to allow all system and windows services to access the internet.
I hope someone here can help me figure this out.

[Advertisements]

sorry for the double post.

[mrbeast]

sorry for the double post.

[mrbeast]

I guess by me not getting any replies that nobody can help me with this. All I really need is a good IP lookup site and I can investigate myself.

[123Runner]

A lot of times you won't get a response right a way because no one will no how to help.

I can't give you any good answers.
I would be concerned about you having possible malware/virus.

I can give you a link to a good IP look up site

http://<strong class...p.net</strong>/

[mrbeast]

Ty. I have done some investigating and found out that the active response is a program on my computer stopping something from getting in. I have talked to my ISP and they say they can't do anything so I am on my own with this problem. I am trying to find out who this IP address is so I can get it stopped. I got up this morning and up until right now I have 119 notices in my firwall log. 1. port scan 2. active response 3. active response disengaged. I trace everything back all i am getting is dsl.bell.ca my friend checked out the Ip address and he found that it was a weather station. I have not seen this yet but I am just starting to look for more IP lookup's to get more information.

My computer is virus /malware free. I have malware protection (malwarebytes) I do 3 different online virus scanners daily, I have rootkit protection, firewall and I use ccleaner.

Thanks again.

Edited by mrbeast, 26 August 2010 - 04:23 PM.