I'm getting at least one hit on Firestarter (the firwall) every second, there have been thosands in less than 12 hours of uptime, I wouldn't be that bothered about ignoring them because they are being stopped but everytime it happens my cpu speed goes up to 1.5GHz (It's a centrino which veries depending on use but always used to just sit at 600MHz when not opening anything - and use a lot less power)
and there have been some which are classified as "serious"...
The bulk of them are on port 5353 with verying sources (but all close to my ip address) using protocol UDP on the service Mdns, I tried to look up hostname but for the most part I couldn't get anything, although I did get a couple which came from;
"dhcp-69.unregistered.(then the name of the people who do my internet)"
The Serious ones were very strange, coming from an ip address in my range (probably from my building) and were on verious ports 137-139 on the protocol UDP on the service Samba (SMB)... which seems to be some kind of windows thing. Some on port 80 using protocol TCP using service HTTP. There was also one which was on port 445 using TCP with the service "Microsoft-ds". This seems to be the behaviour of a worm (more info would be great if you could pin it down), is the other stuff connected to it?
Does anyone have any idea what I can/should do to stop this? I'd really appreciate any advice I could get. And would ideally like to not have to ring the people who provide my service