New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus Advice and insight from world-class Apple enthusiasts Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
Web Design and Hosting Creating sites, scripting, and hosting discussions.

my mac is port scanning?!?


Post Reply New Thread Subscribe

 
Thread Tools
jg09155

 
Member Since: May 24, 2007
Posts: 2
jg09155 is on a distinguished road

jg09155 is offline
Since this Tuesday at the office (we're all running macs) the internet keeps going down.
I called the ISP, they told me that one of the machines looks like it has a virus running, one of them is port scanning- and that overflowed the router and froze it.
Turns out my personal MacBook Pro matches the IP address he gave me for the port scanning machine. I was FTP'd into a server and downloading a website for backup.
He said something like ports 4400- 58,000 were being scanned sequentially and that made it seemed like there was a virus on the computer, I was shocked- and told him that we were all on macs. Perhaps the FTP client (called "fetch") failed to connect to one port and tried another and another ect. But, the tech guy also said that it wasn't on FTP protocol.
Today I've been working on securing my machine. I stopped using the Wi-fi, turned on my firewall ( I know, bad idea to not have it on ) and installed ClamXav and Little Snitch.

Perhaps I have some kind of malware? Whats going on here?
Help!
QUOTE Thanks
Brown Study

 
Brown Study's Avatar
 
Member Since: Mar 11, 2004
Location: Winnipeg
Posts: 1,964
Brown Study is a name known to allBrown Study is a name known to allBrown Study is a name known to allBrown Study is a name known to allBrown Study is a name known to allBrown Study is a name known to allBrown Study is a name known to all
Mac Specs: G4 Tiger and OS 9

Brown Study is offline
If your Mac has a virus, phone The New York Times and tell David Pogue. It'll be the scoop of the relatively short millennium.

Clam won't do you any good. Its author acknowledges that it has no Mac-anti-virus-specific code.
QUOTE Thanks
Brown Study

 
Brown Study's Avatar
 
Member Since: Mar 11, 2004
Location: Winnipeg
Posts: 1,964
Brown Study is a name known to allBrown Study is a name known to allBrown Study is a name known to allBrown Study is a name known to allBrown Study is a name known to allBrown Study is a name known to allBrown Study is a name known to all
Mac Specs: G4 Tiger and OS 9

Brown Study is offline
I've been trying to find the story I had read about Clam not having any OS X virus code in its database, and finally found it and other interesting information on it.

Clam's author:
Quote:
ClamAV indeed does not contain definitions for Mac OS 9 (or earlier) viruses, which would not affect a Mac OS X only installation. It does however contain definitions for viruses of other platforms (preventing a Mac user from passing a virus along onto a network or allowing him to detect potential outbreaks) as well as cross-platform viruses or malicious applications that, while not specifically targeted at the Mac, could affect it — think some Java applets, for example.
Thls Clam forum thread discusses the app not including even pre-OS X virus recognition, SevenDust in this instance.

This one on an O'Reilly Network page:
Quote:
If a Mac OS X virus or worm appears in the wild, it would need to be added by the ClamAV developers to the database. While there cannot be any guarantee that it will be (much like with any other anti-virus application) everything seems to indicate it will.
I also came came across this security-vulnerability warning on the Apple site. Make sure Clam is up to date.
Quote:
Description: An issue in ClamAV's automatic virus database updating may result in a stack-based buffer overflow. A malicious or spoofed ClamAV database mirror may be able to cause arbitrary code execution with the privileges of ClamAV. The Mail service, virus scanning, and automatic virus database updates are off by default. This update addresses the issue by incorporating ClamAV 0.88.2. This issue does not affect systems prior to Mac OS X v10.4.
QUOTE Thanks
jg09155

 
Member Since: May 24, 2007
Posts: 2
jg09155 is on a distinguished road

jg09155 is offline
ok, yeah I'm sure I don't have a virus its probally some type of error- maybe the router itself is buggy
QUOTE Thanks

Post Reply New Thread Subscribe


« iWeb page counter not using .Mac | building a site - benefits? »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

Similar Threads
Thread
Thread Starter
Forum
Replies
Last Post
1st Time Mac Owner...Shunned hcmitchellr Switcher Hangout 20 02-22-2007 10:28 AM
mail 2.1.1 can't connect to custom pop ssl port helpmhost OS X - Apps and Games 0 02-12-2007 06:05 PM
Disillusioned Mac desigener switches to Windows mogwai Schweb's Lounge 21 05-11-2006 02:05 PM
It's called a Mac iSheep Schweb's Lounge 22 10-13-2004 05:35 PM

All times are GMT -4. The time now is 12:19 AM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?