Full Disclosure mailing list archives

Yahoo telnet scans?

From: James Lay <jlay () slave-tothe-box net>
Date: Wed, 20 Jul 2005 07:23:04 -0600

Here's a snippet of what I have...in total I have 95 of these starting
from April 14th.  Only thing I am connected to is:

http://tv.yahoo.com/grid?.force=p&setlineupcookie=true

Jul 14 06:19:05 homebox kernel: New,invalid TCP: IN=eth0 OUT=
MAC=00:04:75:80:dc:08:00:0f:90:27:ef:34:08:00 SRC=216.34.77.12
DST=24.116.255.102 LEN=40 TOS=0x00 PREC=0x00 TTL=117 ID=45983 DF
PROTO=TCP SPT=1299 DPT=23 WINDOW=8760 RES=0x00 SYN URGP=0 

Jul 17 02:31:53 homebox kernel: New,invalid TCP: IN=eth0 OUT=
MAC=00:04:75:80:dc:08:00:0f:90:27:ef:34:08:00 SRC=216.34.77.12
DST=24.116.255.102 LEN=40 TOS=0x00 PREC=0x00 TTL=117 ID=26237 DF
PROTO=TCP SPT=1299 DPT=23 WINDOW=8760 RES=0x00 SYN URGP=0 

Jul 19 22:44:41 homebox kernel: New,invalid TCP: IN=eth0 OUT=
MAC=00:04:75:80:dc:08:00:0f:90:27:ef:34:08:00 SRC=216.34.77.12
DST=24.116.255.102 LEN=40 TOS=0x00 PREC=0x00 TTL=117 ID=2500 DF
PROTO=TCP SPT=1299 DPT=23 WINDOW=8760 RES=0x00 SYN URGP=0 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Yahoo telnet scans? James Lay (Jul 20)