Security Incidents mailing list archives
Wake-up call
From: "Los, Ralph" <rlos () ENVESTNET COM>
Date: Fri, 29 Dec 2000 00:39:05 -0600
Hey everyone,
Thought you might be interested in this one, pardon if it's already
been seen.
12/27/2000 11:56:19.192 - UDP packet dropped -
Source:209.91.163.236, 1030, WAN - Destination:my.firewall.ip.num,
28800, LAN - -
12/27/2000 11:57:19.288 - UDP packet dropped -
Source:209.91.163.236, 1030, WAN - Destination:my.firewall.ip.num,
28800, LAN - -
12/27/2000 11:58:22.368 - UDP packet dropped - Source:63.17.37.124,
28800, WAN - Destination:my.firewall.ip.num, 28800, LAN - -
12/27/2000 11:59:27.800 - UDP packet dropped - Source:24.65.240.83,
28800, WAN - Destination:my.firewall.ip.num, 28800, LAN - -
12/27/2000 12:00:37.848 - UDP packet dropped - Source:24.65.240.83,
28800, WAN - Destination:my.firewall.ip.num, 28800, LAN - -
12/27/2000 12:01:54.160 - UDP packet dropped - Source:24.24.147.33,
28800, WAN - Destination:my.firewall.ip.num, 28800, LAN - -
12/27/2000 12:03:14.592 - UDP packet dropped - Source:24.24.147.33,
28800, WAN - Destination:my.firewall.ip.num, 28800, LAN - -
12/27/2000 12:04:37.800 - UDP packet dropped - Source:24.9.220.84,
28800, WAN - Destination:my.firewall.ip.num, 28800, LAN - -
1. Can someone help me analyze this? (No packet dumps unfortunately, just
this)
2. Is there a site that exists that can better help me find port-scan
associations? SANS institute's web site seems a little lacking in the
department!
Regards,
Ralph M. Los
Sr. Internet Systems & Security Admin. (312) 827-3945 (direct)
EnvestNet Advisory Corp. (312) 296-9003 (wireless)
rlos () envestnet com
Current thread:
- Wake-up call Los, Ralph (Dec 29)
- Re: Wake-up call Joe Klein (Dec 30)
- Re: Wake-up call Jason Lewis (Dec 30)
- <Possible follow-ups>
- Re: Wake-up call Robert G. Ferrell (Dec 30)
- Re: Wake-up call Joe Klein (Dec 30)