Security Incidents mailing list archives
Strange scan/connection request
From: "Los, Ralph" <rlos () ENVESTNET COM>
Date: Wed, 13 Dec 2000 11:14:06 -0600
List: As of yesterday, we've been getting the following messages on the firewall (minimal logging, unfortunately). Source:128.a.b.c, 50830- Destination:my.main.fw.ip, 33473 Source:128.a.b.c, 50830- Destination:my.main.fw.ip, 33478 It would seem the source port is always the same, and the destination is always in the same range. I wish I had some packet-capture capability, but I regret I do not, yet, as I am just setting this network up for security. Can someone maybe help identify this? Ralph M. Los Sr. Internet Systems & Security Admin. (312) 827-3945 (direct) EnvestNet Advisory Corp. (312) 296-9003 (wireless) rlos () envestnet com
Current thread:
- Strange scan/connection request Los, Ralph (Dec 14)
- <Possible follow-ups>
- Re: Strange scan/connection request Luke Dudney (Dec 15)