my comodo firewall shows tons of alert every minutes, hope some one can give me some advises.
i use bitcomet and i 've read and followed the topics talk about the rules setting. but i still have problems
i used to have inbound policy violation(access denied ip:203.198.122.213 port = 18797)
i open bitcomet preference, the listen port is 18797
block by protocol analysis( fragmented ip packet)<====================high risk
block by protocol analysis(fake or malformed UDP packet)<==============high risk
inbound policy violation(access denied, ICMP = port unreachable)
i dont know whats going on…
(p.s. how can i check what is port 1704, 1027, 5900?)
My guess is that 203.198.122.213, once finding 18797 open, checked to see what else you had open. The ms-rps(135) & 5900 (VNC)… both of these could be worms/trojans trying to find another system to infect (the host user might be unaware of this). 1027 is ICQ & 1704 is FASTechnologies License Manager (whatever that is, I didn’t check further).
block by protocol analysis( fragmented ip packet)<====================high risk
block by protocol analysis(fake or malformed UDP packet)<==============high risk
Not sure about these. It depends on the source. Based on past posts, I know some Torrent clients can do this.
inbound policy violation(access denied, ICMP = port unreachable)
i dont know whats going on…
(p.s. how can i check what is port 1704, 1027, 5900?)
thank you very much ??? ???
Search for the port numbers & type (TCP, UDP, etc) using Google or a specialised port lookup site, like this one.