Security Incidents mailing list archives
Re: Munged Napster Sessions
From: ifightspam () BIGFOOT COM (Aussie)
Date: Sat, 18 Mar 2000 03:57:32 +1100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Vanja Hrustic <vanja () RELAYGROUP COM> wrote:
A silly question: is any of sites involved located at *.demon.co.uk, by any chance? I think that quite many people these days are seeing false alarms caused by traffic which comes from demon. Demon blames it on "network equipment". For example, a guy (using demon.co.uk) is browsing my website, and during that session, a packet is sent to random high port (like 3xxxx). Packets are really strange; sometimes they have all bits set, sometimes not. I just got used to that :)
Actually, I have a couple of ICQ contacts that are connecting through demon.co.uk and I get at least 2 odd connection attempts each time they send to me or receive a message from me. These ports can be in 3xxxx or right down to 20, 24, 90 etc. I've never worked out why they are sending the packets, and ICQ works perfectly anyway, so I would be interested to know why I'm getting stupid connection attempts ONLY from this ISP. Aussie -----BEGIN PGP SIGNATURE----- Version: PGP 6.0.2 -- QDPGP 2.60 Comment: Please verify this signature. http://www.pgpi.com iQA/AwUBONHXXJZb9oayhFBBEQL+0wCaA6ww/3KS2gUxvl9vAuGxVQH8L7kAoKjz X+wLUbZPxNc9MI7wOedc1Zub =yjSJ -----END PGP SIGNATURE-----
Current thread:
- Re: Munged Napster Sessions Stephen P. Berry (Mar 17)
- <Possible follow-ups>
- Re: Munged Napster Sessions Aussie (Mar 17)
- Re: Munged Napster Sessions Michael Damm (Mar 20)
- Re: Munged Napster Sessions Fyodor (Mar 20)