News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • Hackers Trying to Connect to My Computer

    Home Forums Networking – routers, firewalls, network configuration Hackers Trying to Connect to My Computer

    Viewing 3 reply threads
    • Author
      Posts
      • #2375863
        jimgoode
        AskWoody Plus

        I use Malwarebytes and SuperAntispyware to scan my computers 1-2 times a week. This past week I installed a Malwarebytes update which came with a trial to the Premium version. This upgrade has reported several hundred attempts to connect to my computer using port 5900 (VNC) which it says is a Trojan/RiskWare/Compromised system. I cataloged the IPs and looked them up and the origins are Russia, China, Romania, Ukraine, etc… all places know to harbor people doing bad things when it comes to hacking (see attached file). I have verified the reported blocked attempts with my router system log which seems to verify that these IPs are trying to breach my system. I rebooted my system, fired up my PureVPN app, restarted Malwarebytes and the attempts are continuing.

        1. Is anyone else experiencing this problem?
        2. Why didn’t the VPN cause the break in attempts to stop?
        3. What software do others use to prevent these types of attacks? Norton? Malwarebytes Premium? Other?
        4. Can I block these attempts through my ASUS router? Can I exclude all 5900 port connections and then include specific exceptions? I currently use UltraVCN and TeamViewer to connect to my home system when I am traveling.

        Thanks in advance for your input,

        Jim G

      • #2375904
        Rick Corbett
        AskWoody_MVP

        They are just ‘attempts’… part and parcel of living in a connected world with miscreants constantly scanning well-known remote-access ports.

        They aren’t ‘established connections’… so you have nothing to worry about.

        UltraVNC – by default – uses the same port as other VNC forks – 5900 – but you can change that in its Server Configuration if you really want to.

        vnc_default_port

        Personally, I wouldn’t bother… because you are also protected by the *secure* password you set.

        TeamViewer uses a slightly different default port – 5938 – but miscreants know this and scan for it too… but, again, you’re protected by the *secure* password you set.

        So… the only question you really need to ask yourself is: “Do I use *very secure* passwords on my remote-access apps?”

        TL;DR

        I’ve now been using remote-access apps for nearly 17 years – including TeamViewer since it was introduced in 2005 as a VNC fork – both professionally in an environment with ~6500 devices and at home with family and friends.

        I’ve never, ever had a ‘compromised’ problem… ‘cos secure passwords have always been used.

        With TeamViewer, I always decline the offer of an ‘account’ – which was compromised years ago by people using the same id/password combo for ALL of their online communications and led to TeamViewer having to introduce 2FA to protect users from themselves.

        PS – Your ISP should be blocking these random, automated IP scans of their domain… and blocking/investigating the originating endpoint.

        Hope this helps…

      • #2375924
        vp2006
        AskWoody Plus

        I have not had any issues and I too have a VPN. I have a CleanWeb option though which comes with my VPN, supposedly blocks ads, trackers and malware. But in this day and age, I could not do without the best anti-malware/virus and cybersecurity software. I know Malwarebytes has a free version, but I really encourage anyone to try their paid version which is what I use. They have real time protection which includes web, malware, ransomware and exploit protections. Fortunately, I am grandfathered in to the Malwarebytes Premium and do not pay for my subscription. But if I had to pay for it, I would for peace of mind; it would be worth every penny. This software works and Malwarebytes has blocked many threats over the years, including keeping me from opening some very bad websites. There are just too many bad actors out there today and it is only getting worse.

      • #2376580
        GoneToPlaid
        AskWoody Plus

        Do not use Real VNC or any derivative forks of it, as it is easy to hack. Plenty of YouTube videos about it.

        If you insist on using VNC, then you must configure a static IP address (an external service may be required) for your remote computer, and you must configure the firewall on your VNC computer or in the VNC computer’s router to only pass the specific external IP address of your remote computer to VNC.

        Do not rely on configuring VNC to only accept connections from a given IP address. You have to do this in your VNC computer’s software firewall or in your VNC computer’s router firewall.

    Viewing 3 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, no politics or religion.

    Reply To: Hackers Trying to Connect to My Computer

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.