Firewall just said "Port Attack in progress"

Got this message on firewall

Somebody is scanning your computer.
Your computer's TCP ports:
1102, 44031, 139, and 22163 have been scanned from 192.168.1.102..

I looked at chart and it showed that my computer is being scanned frequently from this ip#.
Can a techie help me and tell me what I need to do?
I run AVG, sygate and go through a router.
Thank you in advance.

OrgName: Internet Assigned Numbers Authority
OrgID: IANA
Address: 4676 Admiralty Way, Suite 330
City: Marina del Rey
StateProv: CA
PostalCode: 90292-6695
Country: US

NetRange: 192.168.0.0 - 192.168.255.255
CIDR: 192.168.0.0/16
NetName: IANA-CBLK1
NetHandle: NET-192-168-0-0-1
Parent: NET-192-0-0-0-0
NetType: IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment: This block is reserved for special purposes.
Comment: Please see RFC 1918 for additional information.
Comment:
RegDate: 1994-03-15
Updated: 2002-09-16

OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: abuse@iana.org

OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone: +1-310-301-5820
OrgTechEmail: abuse@iana.org

# ARIN WHOIS database, last updated 2005-03-23 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

anything beyond that seems unreachable. Does your ip start with 192.168?

It's probably your router's address.

I'm not a techie, but I believe that 192.168.1.102 would refer to a local computer on your home network, behind your router--basically, if I am correct, it is one of your computers. I'm sure some techs here will correct me if I am wrong, but it may even be your computer that you are on. I believe a default IP address for a router is 192.168.1.1.

I know this isn't much help...but it may point you in the right direction.

I forgot about that. (Out in the country, with no affordable broadband, I forget these things.) I wonder why that's the default? Seems an odd choice, but there's probably a good (technical) reason for it.

There are 4 computers on this network so it's possible that is the problem with the router.
Thank you again.

... if you're using Windoze, it's something to do with Network Neighborhood. Win likes to keep tons of ports open for other computers on local networks (its principal weakness).

For instance, Windows port 139 is the NetBIOS file and printer sharing port. (And it's good your firewall catches this and keeps that port closed, because this perhaps is the most dangerous port to leave open.)

Depending upon OS version, you may be able to solve this problem by clarifying file and printer permissions between computers, unless your firewall is single-user only.

Cheers.

... but for further education, here's the protocol on private network routing:

http://www.faqs.org/rfcs/rfc1918.html

192 ip ranges are not part of the net. They are reserved for internal net ranges. If your system is detecting issues from this range then you probably have your firewall set a little tight.

and grab the freebie "Three Musketeers" utilities:
UnPlug n Pray
Shoot the Messenger
DCOMbobulator

Get them free at http://grc.com

Windoze is shipped with all features turned on. Many of those communications features are used by hackers & spyware.

Both my PCs have up-to-date antivirus and software firewalls. They both run anti-spyware software and are connected to a router that provides a hardware firewall.

I've got all Windoze features I don't use disabled.

I've been lucky so far, but I expect my surfing PC to get trashed sooner or later. I keep my installation CDs handy.

PM if you would like more info.

coming from an internet address, but an internal address.

Do you have a home network? If so, have all other computers on the network been scanned for virii and so forth?

If it's probing a port instead of making a specific request to a port, that's a sign of virus or worm activity in many cases, since it's looking for specific vulnerabilities in order to propagate itself.

I would do a complete virus scan on the other machines in the network.