Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Attack pattern?

From: Eduardo.Martin () icex es
Date: Mon, 21 Dec 1998 13:47:17 +0100
During this very late days I've seen a strange pattern of comms

against a web server. Here it is:


1.- ICMP TYPE 15 (Information Request)
2.- UDP port 161 (snmp)
3.- ICMP TYPE 8 (Echo Request)
4.- TCP port 280 (http-mgmt)
5.- TCP port 80 (http)


Auto-answer ;-)

HP OpenView/Network Node Manager is the author of those strange comms.
Detected by logging the User-Agent on the http request.

Who's interested in managing the hole Internet?. Incredible but true.
;-)

Bye,

Eduardo Martin
Previous By Date Next
Previous By Thread Next

Current thread: