What firewall are you using (if any)?
When you say the effects of the attack do you mean that these actually
happened to you?
How have you discovered the ip?
IMPORTANT: 220.127.116.11 is a multicast address. i.e. not an actual PC but an
IP address used when someone wants to broadcast to all PC's on a network.
For example, if I wanted to ping everyone on my LAN, then I would ping
18.104.22.168. All addresses in the form : 224.0.0.x are of this type. It is not
an actual machine. Are you on a LAN? If so it may be another computer on the
LAN, either infected or sending benign packets to you. Otherwise I may be
your ISP checking up on you? What port were the attacks on?
If you're not using a firewall (I don't count the firewall built into WinXP
is this is offers only basic protection) I would recommend getting a decent
firewall such as Norton Firewall 2003 regardless of if you think you're
being attacked at all.
In case this is an attack, I would monitor network / internet communications
and/or wait till you've got a decent firewall running.
Hope this answers your question!
"Nick" <npwMa> wrote in message
news:054a01c33e4a$d36d6610$a501280aphx.gbl...> Recently my XP Pro PC got several attacks from 22.214.171.124
> (IGMP.MCAST.NET). One attack is to change %windows%
> \explorer.exe. Another one is to change %WINDOWS%
> \PCHEALTH\HELPCTR\Binaries\pch*.dll files. Would anyone
> please tell me how should I deal with the issue? Is
> IGMP.MCAST.NET a well-known attack machine? Who owns this
> Thank you.