Security Incidents mailing list archives
Wake-up call
From: "Los, Ralph" <rlos () ENVESTNET COM>
Date: Fri, 29 Dec 2000 00:39:05 -0600
Hey everyone, Thought you might be interested in this one, pardon if it's already been seen. 12/27/2000 11:56:19.192 - UDP packet dropped - Source:209.91.163.236, 1030, WAN - Destination:my.firewall.ip.num, 28800, LAN - - 12/27/2000 11:57:19.288 - UDP packet dropped - Source:209.91.163.236, 1030, WAN - Destination:my.firewall.ip.num, 28800, LAN - - 12/27/2000 11:58:22.368 - UDP packet dropped - Source:63.17.37.124, 28800, WAN - Destination:my.firewall.ip.num, 28800, LAN - - 12/27/2000 11:59:27.800 - UDP packet dropped - Source:24.65.240.83, 28800, WAN - Destination:my.firewall.ip.num, 28800, LAN - - 12/27/2000 12:00:37.848 - UDP packet dropped - Source:24.65.240.83, 28800, WAN - Destination:my.firewall.ip.num, 28800, LAN - - 12/27/2000 12:01:54.160 - UDP packet dropped - Source:24.24.147.33, 28800, WAN - Destination:my.firewall.ip.num, 28800, LAN - - 12/27/2000 12:03:14.592 - UDP packet dropped - Source:24.24.147.33, 28800, WAN - Destination:my.firewall.ip.num, 28800, LAN - - 12/27/2000 12:04:37.800 - UDP packet dropped - Source:24.9.220.84, 28800, WAN - Destination:my.firewall.ip.num, 28800, LAN - - 1. Can someone help me analyze this? (No packet dumps unfortunately, just this) 2. Is there a site that exists that can better help me find port-scan associations? SANS institute's web site seems a little lacking in the department! Regards, Ralph M. Los Sr. Internet Systems & Security Admin. (312) 827-3945 (direct) EnvestNet Advisory Corp. (312) 296-9003 (wireless) rlos () envestnet com
Current thread:
- Wake-up call Los, Ralph (Dec 29)
- Re: Wake-up call Joe Klein (Dec 30)
- Re: Wake-up call Jason Lewis (Dec 30)
- <Possible follow-ups>
- Re: Wake-up call Robert G. Ferrell (Dec 30)
- Re: Wake-up call Joe Klein (Dec 30)