Port scanning from my IP?


Hi all, a little help please.

Received from plusnet:

Dear Customer,
We have received reports that a PC using your IP address has been scanning other networks looking for vulnerable ports.
The most likely explanation for this is that you are infected with a virus. Please disinfect your system, and then inform us using the Contact Us feature

Now I have 3 computers behind my router, with the built-in firewall enabled, all have XP with automatic updates, AVG kept updated, and I've checked each one with Spybot and Ad-aware.

How can I find where this port scanning is coming from? I can find all sorts of tests for open ports on Google, but I can't find a way to see what could be outgoing?

I'm probably missing something obvious, but help would be appreciated.

The router is a cheap Conexant unit, and there isn't any useful logging that I can find.

:edit: I'm using the default XP SP2 firewall on all computers.


Will list the open network sessions.


Ok. Done that, it's showing me some TCP ports open to webpages etc. that I'm browsing, and pop3 from my email, but then there's a list of ports as below:

TCP peternew:1055 localhost:1056 ESTABLISHED
TCP peternew:1056 localhost:1055 ESTABLISHED
TCP peternew:1065 localhost:1066 ESTABLISHED
TCP peternew:1066 localhost:1065 ESTABLISHED
TCP peternew:1347 localhost:10110 TIME_WAIT
TCP peternew:10110 localhost:1351 TIME_WAIT

Sorry, but it doesn't mean much to me! Could you point me in the right direction please?

Thanks for helping!


Bah. I'm just lazy....

Googled Netstat port list and it's returned some lovely information. Time to work my way through them.



Also try running

get tcpview from it's a nice graphical version of netstat that also shows what process has open ports.

It's very good for finding malware on the machine it's run on.

Thank you: looks like some good utilities on that site: I'll check them out later.


I'm not criticising *you*, but rather Micro$not! You can't rely on the M$ XPsp2 firewall to stop stuff going *out* at all, but a free FW such as Zonealarm free edition (version 4.5 would do the job well) would block unauthorised *outgoing* traffic too (unless the virus was nasty enough to grok it!)

Of course, if you do this, the method should be:
1) Download ZA installer
2) Unplug network
3) Disable M$ FW
4) Install ZA
5) Reboot and plug in network
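
For the question that opened this thread (how to see what is going out, and which rows of a netstat listing matter), here is an added example that is not part of any post above. It reads TCP rows of netstat output, ignores same-machine pairs like the peternew/localhost rows, and reports any process that reaches many different remote hosts on one port. The function names, the threshold of 5 hosts and the second sample set are assumptions made for illustration; the PID column is what `netstat -ano` prints on Windows.

```python
from collections import defaultdict

# Rows copied from the listing posted in the thread (names resolved, no PID column).
THREAD_ROWS = [
    "TCP peternew:1055 localhost:1056 ESTABLISHED",
    "TCP peternew:1056 localhost:1055 ESTABLISHED",
    "TCP peternew:1347 localhost:10110 TIME_WAIT",
    "TCP peternew:10110 localhost:1351 TIME_WAIT",
]
# Constructed sample in `netstat -ano` layout: ordinary browsing and mail,
# plus one process (PID 1844) opening connections to eight hosts on one port.
CONSTRUCTED_ROWS = [
    "TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 900",
    "TCP 192.168.1.3:1400 203.0.113.20:80 ESTABLISHED 3120",
    "TCP 192.168.1.3:1347 203.0.113.25:110 TIME_WAIT 0",
] + [f"TCP 192.168.1.3:{2100 + i} 198.51.100.{i}:445 SYN_SENT 1844"
     for i in range(1, 9)]

def parse(line):
    """Parse one TCP row of netstat output; the PID column is optional."""
    f = line.split()
    if len(f) < 4 or f[0].upper() != "TCP":
        return None
    rhost, rport = f[2].rsplit(":", 1)
    pid = int(f[4]) if len(f) > 4 and f[4].isdigit() else None
    return {"remote_host": rhost, "remote_port": rport, "state": f[3], "pid": pid}

def is_loopback(host):
    """True for traffic that never leaves the machine."""
    return host.lower().startswith(("localhost", "127."))

def suspicious_fanout(lines, min_hosts=5):
    """Return {(pid, remote_port): host_count} for one-port, many-host patterns."""
    hosts = defaultdict(set)
    for line in lines:
        row = parse(line)
        if row is None or row["state"] == "LISTENING":
            continue  # listening sockets are inbound, not outgoing
        if is_loopback(row["remote_host"]):
            continue  # same-machine pairs cannot be what the ISP saw
        hosts[(row["pid"], row["remote_port"])].add(row["remote_host"])
    return {k: len(v) for k, v in hosts.items() if len(v) >= min_hosts}

if __name__ == "__main__":
    print("thread rows:", suspicious_fanout(THREAD_ROWS))
    print("constructed rows:", suspicious_fanout(CONSTRUCTED_ROWS))
```

A PID reported here can be matched to a program name in Task Manager (with the PID column enabled) or in tcpview. A snapshot only shows connections open at that moment, so it needs repeating on each of the three computers.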