Intrusion alert:3000+

I’ve been ignoring my intrusion alert numbers even though it showed 3000+ sometimes until today that I caught a person changing my yahoo messenger status with his intrusion which the CIS detected but I stupidly allowed.

I traced his IP and found that his ISP is the same with mine.

My question is why do I have 3000+ intrusion attempts logged? well mostly by 2-5 different Ip addresses. One is particularly persistent.

Do I have to worry about these intrusion attempts? Wat can I do to protect my PC better and how can I know if somebody got into my PC?


  1. The number of event in Log depends on 2 conditions: number of Rules “Block AND LOG” and number of intrusions.

  2. You shouldn’t worry about logged intrusions. If they in Log - then they were blocked =)

  3. About IP from same ISP - If they virused, then it is logicaly that nearest IP range for distributing - same IP range of ISP

  4. First of all - try to apply Rules for blocking ECHO requests.

  5. If you REALLY want to get your life more safe - save you Logs and call to your ISP. Describe situation with permanent intruder and tell ISP that you have enough Logs to prove it. ISP wants to have a good reputation, so it could help you.

Hmm how do I set to block echo request? I’ve stealthed all my ports with CIS.

Never mind I got it expproff. Thanks tests at showed all my ports didn’t respond to ping request. thanks