Firewall alert: Nmap

[kohoutek1]

Hello folks,

I'm a newer BitComet (ver 1.23) user and successfully d/l a video yesterday :D . At about the same time as my d/l finished and the red arrow appeared to indicate that I was in upload-only mode, my A/V (fSECURE) began alerting me with the following message:

Firewall Alert

Intrusion attempt detected: Nmap TCP scan

Firewall has blocked this traffic

etc

I have a cable connection & am running XP Pro

My question is: Do you know if this message is related to my BitComet u/l or d/l. I was worrying about my ability to reciprocate with the u/l portion - even though the summary page indicates that I am uploading (albeit slowly @ average 32 kB/s). Just wanting to play fair!

Thanks!

[kluelos]

The whole affair has nothing to do with bittorrent.

NMAP is a well known port-scanner, a tool that looks for open ports on a computer. The purpose of a firewall is to block such scans -- or more properly, to intercept them and make like a hole in cyberspace, so that the scanner can't tell whether there's something intercepting it, or nothing there to respond.

Scans like this are common, so you probably want to tell your firewall not to alert you when it happens or you may get drowned in alerts.

But now you know why we tell people to never, ever connect to the internet without a known working firewall. Once such a scanner detects that you have open ports with responsive applications running on them, the next step is to attack, infect, take over and conceal all evidence of that. You've just been zombied, and your bandwidth will now be used to send spam email and conduct distributed denial-of-service attacks on other sites without your knowledge.

It takes more time to take a shower than it does to be infected this way. One university studying the subject found that they couldn't even finish installing Windows completely before being probed and attacked. The bad guys are out there and you just spotted one.

[kohoutek1]

Thanks for clarifying things for me kluelos. You're right - I was receiving a string of alerts and have instructed my A/V to continue its work without alerting me.