I got a security alert from my phizical firewall (to my e-mail)
It says the time and my comptuer's IP, and another IP (destination IP I guess ?)
So, what is a TCP Flood, and why is that a security risk ?
What happeds when the TCP Floods ?
Thanks
Printable View
I got a security alert from my phizical firewall (to my e-mail)
It says the time and my comptuer's IP, and another IP (destination IP I guess ?)
So, what is a TCP Flood, and why is that a security risk ?
What happeds when the TCP Floods ?
Thanks
It is a type of DoS attack. You probably have some spyware or virus (trojan) that is constantly sending packages to a destination trying to bring down an other computer. If it is a virus, then many people might have the same problem as you, and when many computers flood the same IP it is called a DDoS attack.
You should try to get rid of it as fast as possible.
ØØ
Thanks for the reply,
I found the problem.
I did a "tracert" to the remote IP, and found out that it's actually a web-site I visited. (Actually a program I made :))
I made the program to download all pictures on the web-site I tell it to :D
I guess the firewall detects a TCP Flood because it's doing it fast ?
If the program is making lots of HTTP requests then it is possible that the firewall detects it as a DoS attack. Does the program still work properly?
Quote:
Originally Posted by CVMichael
Yeah, as VisualAd says, that is probably why. Many calls to the same IP is more or less the definitoin of DoS...:)
ØØ
Yes, the program works properly....
Well, I made it download the pictures with INet control, and it's not multithreaded either... so it does not download more than one picture at one time... so it's not THAT fast. It's just fast compared with a user (when downloading manually), but I doubt it's as fast so that the firewall would detect a DDoS attack...
Actually, now that I thought about this more, at the same time my program was downloading I was browsing the website using Avant Browser, wich i think it IS multithreaded. Yea, the browser is more likely that created the TCP Flood...
Well, anyways...
I have Norton AntiVirus installed, and up do date, and the Windows AntiSpyware (for windows XP), so i'm sure one of them would detect a virus or spyware program...