Security Basics mailing list archives
RE: newbie wanting some info !!
From: "Ryan Belcher" <Ryanb () sealevel com>
Date: Tue, 19 Aug 2003 12:53:17 -0400
Hi Ozzy, Port 80 is for HTTP traffic and port 21 is for FTP traffic, people love to scan around those ports all day long. It's gotten to the point to where I just ignore most of that traffic at home since it's so prevalent. If you're actually running a FTP or Web server, I may be more aloof and look for specific types of requests to and fro, but on the most part, I wouldn't worry too much. Ryan -----Original Message----- From: osden [mailto:osden77 () hotmail com] Sent: Tuesday, August 19, 2003 3:59 AM To: Security-basics () SecurityFocus com Cc: incidents () securityfocus com Subject: newbie wanting some info !! Cheers to all...... i have a ADSL connection to my home PC and have NAV and ZONE ALARM installed as my AV and Firewall. Zone Alarm has been set to the highest security settings. I have a utility called Attacker from www.foundstone.com listening at my ports. I have been observing all kind of scans from this following IPs 207.40.146.171 dsl-d-171.nortex.net 203.241.146.5 user5.s146.samsung.co.kr 66.75.223.169 cpe-66-75-223-169.bak.rr.com trying to connect to my port 80 from various ports. repeatedly also i have this IP scanning repeatedly at my port 21 from various ports: 80.181.56.143 host143-56.pool80181.interbusiness.it Well when i scan them back every host that is found LIVE has Port 5000 listening. Is this something to do with that?? or is anyone else also experiencing something like that. According to my information port 5000 [UPnP / filmaker.com / Socket de Troie (Windows Trojan)] else the box is Win32 listening to auto detection of hardware. Can anyone comment on this and let me know. Any information provided will be really helpful. Thankx in advance. Kind Regards, Ozzy [SCAN EVERYTHING] Kind Regards, Osden Fernandes [SCAN EVERYTHING] --------------------------------------------------------------------------- Captus Networks - Integrated Intrusion Prevention and Traffic Shaping - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Ensure Reliable Performance of Mission Critical Applications - Precisely Define and Implement Network Security and Performance Policies **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo Visit us at: http://www.securityfocus.com/sponsor/CaptusNetworks_incidents_030814 ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: newbie wanting some info !! Ryan Belcher (Aug 19)