Firewall Wizards mailing list archives
Re: Attack pattern?
From: Eduardo.Martin () icex es
Date: Mon, 21 Dec 1998 13:47:17 +0100
During this very late days I've seen a strange pattern of comms
against a web server. Here it is:
1.- ICMP TYPE 15 (Information Request) 2.- UDP port 161 (snmp) 3.- ICMP TYPE 8 (Echo Request) 4.- TCP port 280 (http-mgmt) 5.- TCP port 80 (http)
Auto-answer ;-) HP OpenView/Network Node Manager is the author of those strange comms. Detected by logging the User-Agent on the http request. Who's interested in managing the hole Internet?. Incredible but true. ;-) Bye, Eduardo Martin
Current thread:
- Attack pattern? Eduardo . Martin (Dec 22)
- <Possible follow-ups>
- Re: Attack pattern? Eduardo . Martin (Dec 22)