cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Message about scanning for vulnerable ports

mike2843
Newbie
Posts: 3
Registered: ‎30-01-2024

Message about scanning for vulnerable ports

‎30-01-2024 9:19 PM

Hi, a few days ago I recieved a message on the help assistant saying that "We have received reports that a PC using your IP address has been scanning other networks looking for vulnerable ports". I replied asking for more information so I can look into it, but I haven't had any answer, so I have no details about what happened or when, I dont even know if it's still ongoing. I did find my address on an abuse website with reports up to about a week ago, but I don't know if it was actually my address at the time. Obviously I want to fix the problem so I don't get out internet cut off. Would there happen to be anyone around here that could help out find me some more details?

Message 1 of 7
(885 Views)
0 Thanks
6 REPLIES 6
Baldrick1
Moderator
Moderator
Posts: 12,356
Thanks: 5,543
Fixes: 430
Registered: ‎30-06-2016

Re: Message about scanning for vulnerable ports

‎30-01-2024 9:24 PM

Moderator's note:
Thread moved from Full Fibre to Everything Else

Moderator and Customer
If this helped - select the Thumb
If it fixed it,  help others - select 'This Fixed My Problem'

Message 2 of 7
(878 Views)
Townman
Superuser
Superuser
Posts: 23,909
Thanks: 10,131
Fixes: 174
Registered: ‎22-08-2007

Re: Message about scanning for vulnerable ports

‎31-01-2024 12:26 AM

" a few days ago I recieved a message on the help assistant"

What help assistant and from what email address?  Are you sure it came from Plusnet?

Sounds a little scamy!

 

In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.

Message 3 of 7
(827 Views)
0 Thanks
mike2843
Newbie
Posts: 3
Registered: ‎30-01-2024

Re: Message about scanning for vulnerable ports

‎31-01-2024 4:27 AM - edited ‎31-01-2024 4:29 AM

I know! That's what I thought. But I can see it in my notifications on the member centre home page. It's on the "help assistant" at https://www.plus.net/wizard/ which I see says you can no longer ask a question, but that's how the message was sent to me and I can get back to it through that notifications bell. The message below is is all the information I have been given... (names removed)

 

Dear X,

We have received reports that a PC using your IP address has been scanning other networks looking for vulnerable ports.

The most likely explanation for this is that you are infected with a virus. Please disinfect your system, and then inform us using the Help Assistant in the customer portal (http://portal.plus.net/wizard/index.html, click on Customer Services & Billing) that you have done so.

We do not recommend a specific anti-virus product, but one freely available virus checker is AVG AntiVirus, available from http://www.grisoft.com/ . Other free and commercially offered products are also available.

Kind regards,

Y

 

Message 4 of 7
(800 Views)
0 Thanks
Townman
Superuser
Superuser
Posts: 23,909
Thanks: 10,131
Fixes: 174
Registered: ‎22-08-2007

Re: Message about scanning for vulnerable ports

‎31-01-2024 8:40 AM

Ah, OK that’s sound.

”Help centre” is legacy PlusNET space for managing support issues aka the ticketing system.  You cannot raise new tickets, but you can respond to them.

It does sound as though you have a virus or malware on your computer - what antivirus product do you use?

In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.

Message 5 of 7
(766 Views)
0 Thanks
mike2843
Newbie
Posts: 3
Registered: ‎30-01-2024

Re: Message about scanning for vulnerable ports

‎31-01-2024 11:38 PM

Ah ok, it looked like that with the help centre. I did respond to the ticket since it let me. Is anyone going to see that?

It's all Linux computers and Android phones so I haven't really got any antivirus. I've got OpenWRT running so I'm using tcpdump to watch out for anything going out on high port numbers or port 22 now. The abuse website mentioned attempted SSH logins but no idea if I had the address at the time. No idea if trying to find vulnerable SSH servers would be included in "scanning for vulnerable ports". Not ideal but it should pick up that and port scans.

Message 6 of 7
(687 Views)
0 Thanks
Townman
Superuser
Superuser
Posts: 23,909
Thanks: 10,131
Fixes: 174
Registered: ‎22-08-2007

Re: Message about scanning for vulnerable ports

‎01-02-2024 2:27 AM

Linux and Android are not immune to malware and virus attack - in fact I'd suggest that they are equally prone if not more so - Linux is a hackers playground!

Linux.Hacktool.Portscan (malwarebytes.com)

In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.

Message 7 of 7
(674 Views)
0 Thanks