是駭客入侵嗎?防火牆log紀錄大到327KB



贊助商連結


curarpikt
2001-06-20, 08:25 PM
這是我的防火牆的紀錄:
1,[2001-Jun-19 20:42:48] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->202.106.184.3:137, Owner: SYSTEM
1,[2001-Jun-19 20:42:50] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->210.59.224.21:137, Owner: SYSTEM
1,[2001-Jun-19 20:42:52] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->210.59.224.21:137, Owner: SYSTEM
1,[2001-Jun-19 20:42:54] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->210.59.224.21:137, Owner: SYSTEM
1,[2001-Jun-19 20:42:56] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->202.106.184.3:137, Owner: SYSTEM
1,[2001-Jun-19 20:42:56] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->202.106.184.3:137, Owner: SYSTEM
1,[2001-Jun-19 20:42:58] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->202.106.184.3:137, Owner: SYSTEM
1,[2001-Jun-19 20:43:00] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->202.106.184.3:137, Owner: SYSTEM
1,[2001-Jun-19 20:43:02] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->202.106.184.3:137, Owner: SYSTEM
1,[2001-Jun-19 20:43:02] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->202.106.184.3:137, Owner: SYSTEM
1,[2001-Jun-19 20:43:04] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->210.59.224.21:137, Owner: SYSTEM
1,[2001-Jun-19 20:43:06] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->210.59.224.21:137, Owner: SYSTEM
1,[2001-Jun-19 20:43:08] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->210.59.224.21:137, Owner: SYSTEM
1,[2001-Jun-19 20:43:10] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->211.72.254.207:137, Owner: SYSTEM
1,[2001-Jun-19 20:43:10] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->211.72.254.207:137, Owner: SYSTEM
1,[2001-Jun-19 20:43:12] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->211.72.254.207:137, Owner: SYSTEM
1,[2001-Jun-19 20:43:14] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->202.106.184.3:137, Owner: SYSTEM

這樣子的紀錄該不會是指:我被裝了木馬吧,
這是我沒有用網路的狀況下哦,竟然還一直向外送資料,
不只是137port 139也有,才三天而已,
我的防火牆 log 紀錄檔已經有300多kByte了
前陣子還有一件可怕的事發生,我都沒有上傳東西,
可是電腦卻一直在上傳,重新撥接後也一樣。
Ps. 我是用中華電信ADSL 512/64
Windows98SE
Tiny Personal Firewall
沒有任何即時通訊軟體(就是icq, messangers那些)

贊助商連結


curarpikt
2001-06-20, 08:50 PM
剛剛我又發現靈異現象:

1,[2001-Jun-20 19:44:12] Rule '137 Port Interruption': Blocked: In UDP 61-216-42-180.HINET-IP.hinet.net [61.216.42.180:137]->localhost:137, Owner: SYSTEM
1,[2001-Jun-20 19:44:14] Rule '137 Port Interruption': Blocked: In UDP 61-216-42-180.HINET-IP.hinet.net [61.216.42.180:137]->localhost:137, Owner: SYSTEM
1,[2001-Jun-20 19:44:14] Rule '137 Port Interruption': Blocked: In UDP 61-216-42-180.HINET-IP.hinet.net [61.216.42.180:137]->localhost:137, Owner: SYSTEM
1,[2001-Jun-20 19:44:14] Rule '137 Port Interruption': Blocked: In UDP 61-216-42-180.HINET-IP.hinet.net [61.216.42.180:137]->localhost:137, Owner: SYSTEM
1,[2001-Jun-20 19:44:26] Rule '137 Port Interruption': Blocked: Out UDP localhost:137->210.68.8.170:137, Owner: SYSTEM
中間有些部分因為太多了,所以我就切掉了。
上面的61.216.42.180就是我自己耶,這是怎麼回事