Security Incidents mailing list archives
Re: Distributed Scanning?
From: bejtlich () TEXAS NET (Richard Bejtlich)
Date: Sun, 9 Jan 2000 05:37:00 -0000
As I read my Stevens, these look like more ICMP time exceeded messages, which many a person here are still trying to deciper? Richard --- We started getting what looks like a distributed scan today: Jan 6 22:31:29 140 Deny ICMP:11.0 209.162.216.1 204.238.179.0 in via vx3 Jan 6 22:33:24 140 Deny ICMP:11.0 168.126.240.254 204.238.179.0 in via vx3 Jan 6 22:39:39 140 Deny ICMP:11.0 216.32.51.146 204.238.179.0 in via vx3
Current thread:
- Distributed Scanning? Missouri FreeNet Administration (Jan 06)
- Ports 12345, 5742 and 20034 Artur Nowak (Jan 08)
- Re: Ports 12345, 5742 and 20034 Michal Rok (Jan 10)
- Re: Ports 12345, 5742 and 20034 Artur Nowak (Jan 11)
- Re: Ports 12345, 5742 and 20034 Michal Rok (Jan 10)
- Re: Distributed Scanning? Richard Bejtlich (Jan 08)
- Port 4 Arne Vidar Sjønøs (Jan 09)
- Re: Port 4 Keith Owens (Jan 10)
- Re: Port 4 Sean Sosik-Hamor (Jan 11)
- Re: Port 4 Philipp Buehler (Jan 11)
- Re: Port 4 Sean Sosik-Hamor (Jan 11)
- Re: Port 4 Boris Badenov (Jan 11)
- IRC-bots: what are they for ? Jens Hektor (Jan 12)
- Re: IRC-bots: what are they for ? Jon Paul, Nollmann (Jan 12)
- Re: IRC-bots: what are they for ? SecOrg (Jan 12)
- Re: IRC-bots: what are they for ? Ninja Information Systems. (Jan 12)
- Ports 12345, 5742 and 20034 Artur Nowak (Jan 08)