Thread: my mac is port scanning?!?
05-24-2007, 07:53 PM #1
my mac is port scanning?!?
- Member Since
- May 24, 2007
Since this Tuesday at the office (we're all running macs) the internet keeps going down.
I called the ISP, they told me that one of the machines looks like it has a virus running, one of them is port scanning- and that overflowed the router and froze it.
Turns out my personal MacBook Pro matches the IP address he gave me for the port scanning machine. I was FTP'd into a server and downloading a website for backup.
He said something like ports 4400- 58,000 were being scanned sequentially and that made it seemed like there was a virus on the computer, I was shocked- and told him that we were all on macs. Perhaps the FTP client (called "fetch") failed to connect to one port and tried another and another ect. But, the tech guy also said that it wasn't on FTP protocol.
Today I've been working on securing my machine. I stopped using the Wi-fi, turned on my firewall ( I know, bad idea to not have it on ) and installed ClamXav and Little Snitch.
Perhaps I have some kind of malware? Whats going on here?
05-25-2007, 07:02 AM #2
If your Mac has a virus, phone The New York Times and tell David Pogue. It'll be the scoop of the relatively short millennium.
Clam won't do you any good. Its author acknowledges that it has no Mac-anti-virus-specific code.
05-25-2007, 07:44 AM #3
I've been trying to find the story I had read about Clam not having any OS X virus code in its database, and finally found it and other interesting information on it.
Clam's author:ClamAV indeed does not contain definitions for Mac OS 9 (or earlier) viruses, which would not affect a Mac OS X only installation. It does however contain definitions for viruses of other platforms (preventing a Mac user from passing a virus along onto a network or allowing him to detect potential outbreaks) as well as cross-platform viruses or malicious applications that, while not specifically targeted at the Mac, could affect it — think some Java applets, for example.
This one on an O'Reilly Network page:If a Mac OS X virus or worm appears in the wild, it would need to be added by the ClamAV developers to the database. While there cannot be any guarantee that it will be (much like with any other anti-virus application) everything seems to indicate it will.Description: An issue in ClamAV's automatic virus database updating may result in a stack-based buffer overflow. A malicious or spoofed ClamAV database mirror may be able to cause arbitrary code execution with the privileges of ClamAV. The Mail service, virus scanning, and automatic virus database updates are off by default. This update addresses the issue by incorporating ClamAV 0.88.2. This issue does not affect systems prior to Mac OS X v10.4.
05-25-2007, 08:25 AM #4
- Member Since
- May 24, 2007
ok, yeah I'm sure I don't have a virus its probally some type of error- maybe the router itself is buggy
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
By freddy d in forum OS X - Operating SystemReplies: 1Last Post: 01-13-2014, 11:55 PM
By tralston in forum Other Hardware and PeripheralsReplies: 0Last Post: 08-28-2010, 08:39 PM
By SirTopas in forum OS X - Apps and GamesReplies: 3Last Post: 03-02-2008, 06:34 PM
By excel in forum Other Hardware and PeripheralsReplies: 5Last Post: 07-04-2006, 08:12 AM
By roma0104 in forum OS X - Operating SystemReplies: 0Last Post: 06-07-2006, 02:31 PM