Security Incidents mailing list archives
strange logs -- tcp port 16166
From: "Jiang Peng" <pengf () hotmail com>
Date: Wed, 25 Jun 2003 11:00:16 +0800
Hi all, For the last month, I received the following log message continuelly = from the PIX firewall: %PIX-4-106023: Deny tcp src outside:87.104.162.116/64604 dst = inside:hostname/16166 by access-group "out side_access_in" At first, there were only a couple of messages every day, but from last = week, there are 30-40 messages every day. All the message has the same source, source port and same destination, = destination port. The destination is our external DNS server. I checked = google, but still no idea what kind of services running on port 16166. Does anyone have any clues for this message? Thanks, Jiang ---------------------------------------------------------------------------- Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the world's premier technical IT security event! 10 tracks, 15 training sessions, 1,800 delegates from 30 nations including all of the top experts, from CSO's to "underground" security specialists. See for yourself what the buzz is about! Early-bird registration ends July 3. This event will sell out. www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- strange logs -- tcp port 16166 Jiang Peng (Jun 24)
- RE: strange logs -- tcp port 16166 Jerry Shenk (Jun 25)
- <Possible follow-ups>
- RE: strange logs -- tcp port 16166 James C. Slora, Jr. (Jun 25)
- RE: strange logs -- tcp port 16166 Jerry Shenk (Jun 25)
- Re: strange logs -- tcp port 16166 James C. Slora Jr. (Jun 25)
- RE: strange logs -- tcp port 16166 Jerry Shenk (Jun 25)
- Re: strange logs -- tcp port 16166 tcleary2 (Jun 26)
- Re: strange logs -- tcp port 16166 Justin Pryzby (Jun 27)