Security Incidents mailing list archives
RE: Scans from Moscow
From: "Robert Woods" <robert.woods () percepta-crm com>
Date: Wed, 17 Oct 2001 13:51:12 -0400
Alan, Not many, but enough to rise concern. Not to say these organizations are malicious, but they may be compromised. I usually make contact with the people and work through it with them. Often, if it's an ISP, you have script kiddies or bored computer science students messing around. However, there is always this sort of traffic before a major worm or virus, so we have to be careful these days. Rob -----Original Message----- From: Alan Wright [mailto:AlanJWright () manx net] Sent: Wednesday, October 17, 2001 1:28 PM To: robert.woods () percepta-crm com Cc: incidents () securityfocus com Subject: RE: Scans from Moscow I am going to snip most of my stuff out of this email and just leave yours in, I would think that incidents here is the best place for input. How many hits are you getting from each address? At 19:21 16/10/2001 -0400, you wrote:
Alan, A little messy, but this is a list of my problems over the last week or so, nothing from Russia though.. Do you know of a good site to enter in IP addresses then receive a list of reports from other Administrators? Might be a help to both of us and others. 28-Aug-01 Wiznet Inc. Toronto Ontario Canada 216.129.216.36 http port scans 28-Aug-01 Wiznet Inc. Toronto Ontario Canada 216.129.213.43.stott.wiznet.ca http port scans 15-Oct-01 Wiznet Inc. Toronto Ontario Canada 216.129.217.9 http port scans 15-Oct-01 Business Internet Inc. Tampa Florida United States 216.0.151.158 port 27374 scan 15-Oct-01 Kersur Technologies Manchaug Massachusetes United States 216.129.158.18 http port scans 16-Oct-01 One Care New York New Yorl United States 216.213.85.230 http port scans 11-Oct-01 Taiwan Network Information Centre Taipei Taiwan 202.39.29.198 port 1080 scan 13-Oct-01 Acer Internet Services Inc. Taipei Taiwan 210.67.84.6 printer port scan 14-Oct-01 Korea Telecom Seoul Korea 211.220.193.214 port 22452 scan 14-Oct-01 Korea Network Information Centre Seocho-Dong Seocho-ku Korea 211.196.153.182 printer port scan 9-Oct-01 Korea Network Information Centre Seocho-Dong Seocho-ku Korea 211.46.246.194 Exchange_ports_1 scan 9-Oct-01 Korea Network Information Centre Seocho-Dong Seocho-ku Korea 211.196.153.182 printer port scan 10-Oct-01 Xi'an High Tech Development Xi'an City Shaanxi
China
202.100.26.185 printer port scan 4-Oct-01 Shandong Qingdao Furuitai Chenxi Business Co. Jinan Shandong China 202.110.195.88 printer port scan 10-Oct-01 DigiTel Communications Asia Ltd. Hong Kong Hong Kong 202.122.224.234 Exchange_ports_1 scan 7-Oct-01 HanseNet Telefongesellschaft mbH & Co. KG Hamburg Germany 213.191.86.21 printer port scan 7-Oct-01 HanseNet Telefongesellschaft mbH & Co. KG Hamburg Germany 213.191.86.21 ftp port scan 7-Oct-01 HanseNet Telefongesellschaft mbH & Co. KG Hamburg Germany 213.191.86.21 port 54681 scan 11-Oct-01 Apple Online London United Kingdom 213.219.19.162 port 22 scan (SSH) 5-Oct-01 BT ADSL Sandridge Hertfordshire United Kingdom 213.123.146.178 port 1080 scan 5-Oct-01 BT ADSL Sandridge Hertfordshire United Kingdom 213.123.146.178 ftp port scan-----Original Message----- From: Alan Wright [mailto:AlanJWright () manx net] Sent: Sunday, October 14, 2001 3:11 PM To: security-basics () securityfocus com Subject: Scans from Moscow Anyone else getting http probes out of Moscow College of Business Administration ? Second time this week from Moscow , both from 'organisations' All the best Alan Alan J Wright B.Sc(Hons)(Open) SMS +47624462772. Email AlanJWright () manx net foll478trap () yahoo com 'You're a feisty little one but you'll soon learn respect' Return of the JediAll the best Alan Alan J Wright B.Sc(Hons)(Open) SMS +47624462772. Email AlanJWright () manx net foll478trap () yahoo com 'You're a feisty little one but you'll soon learn respect' Return of the Jedi
All the best Alan Alan J Wright B.Sc(Hons)(Open) SMS +47624462772. Email AlanJWright () manx net foll478trap () yahoo com 'You're a feisty little one but you'll soon learn respect' Return of the Jedi ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- RE: Scans from Moscow Alan Wright (Oct 17)
- RE: Scans from Moscow Robert Woods (Oct 17)