Security Incidents mailing list archives
Re: Large DNS scans from 211.53.208.178
From: fernando () BN PT (Fernando Cardoso)
Date: Tue, 2 May 2000 10:42:49 +0100
Korea is a classic :) These days Brazil is becoming also a must. This weekend we have DNS scans (zone transfers and/or version query) from dial-up accounts in Portugal, Taiwan and Brazil and from a (surely) compromised server in Brazil. Also probes for IMAP2 and Portmapper and the usual CGI scanning. A normal weekend ;) ______________________________________________ Fernando Cardoso Network Administrator National Library of Portugal
-----Original Message----- From: alann lopes [mailto:alopes () UCSD EDU] Sent: sábado, 29 de Abril de 2000 0:39 To: INCIDENTS () SECURITYFOCUS COM Subject: Large DNS scans from 211.53.208.178 We are seeing a substantial scans of DNS from 211.53.208.178 apparently from Korea... Anyone else? Thank you -- alann ====================================================================== Apr 28 12:23:44 PDT tcp 211.53.208.178(4147) ->132.239.242.207(53), 1 Apr 28 12:23:46 PDT tcp 211.53.208.178(4140) ->132.239.242.202(53), 1 Apr 28 12:23:52 PDT tcp 211.53.208.178(4142) ->132.239.242.203(53), 1 Apr 28 15:07:24 PDT tcp 211.53.208.178(1987) ->132.239.242.206(53), 1 Apr 28 15:07:32 PDT tcp 211.53.208.178(1963) ->132.239.242.195(53), 1 Apr 28 15:07:44 PDT tcp 211.53.208.178(1960) ->132.239.242.192(53), 1 ======================================================================
Current thread:
- Large DNS scans from 211.53.208.178 alann lopes (Apr 28)
- Re: Large DNS scans from 211.53.208.178 Seth Georgion (Apr 30)
- Re: Large DNS scans from 211.53.208.178 Richard Stevenson (May 02)
- Re: Large DNS scans from 211.53.208.178 Bryan Seitz (Apr 30)
- Strange 33434/UDP traffic from MS W2k with Active Directory Eugene Taylashev (May 01)
- more weird traceroutes Donald McLachlan (May 02)
- Re: more weird traceroutes Chad Thunberg (May 02)
- <Possible follow-ups>
- Re: Large DNS scans from 211.53.208.178 Fernando Cardoso (May 02)
- Re: Large DNS scans from 211.53.208.178 Russell Fulton (May 02)
- Re: Large DNS scans from 211.53.208.178 Ed Padin (May 02)
- Re: Large DNS scans from 211.53.208.178 Keith McCammon (May 03)
- Re: Large DNS scans from 211.53.208.178 David B. Bukowski (May 03)
- Re: Large DNS scans from 211.53.208.178 sigipp () WELLA COM BR (May 03)
- Re: Large DNS scans from 211.53.208.178 Seth Georgion (May 03)
- Re: Large DNS scans from 211.53.208.178 Greg A. Woods (May 08)
- Re: Large DNS scans from 211.53.208.178 Seth Georgion (May 03)
- Re: Large DNS scans from 211.53.208.178 Chen, Dave (May 03)
- Re: Large DNS scans from 211.53.208.178 Igor Gashinsky (May 03)
- Re: Large DNS scans from 211.53.208.178 Keith Owens (May 06)
- Re: Large DNS scans from 211.53.208.178 Seth Georgion (Apr 30)