Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

TCP Port 2888

From: hektor () RZ RWTH-AACHEN DE (Jens Hektor)
Date: Tue, 9 May 2000 12:11:12 -0000

Hi,

and again we had a portscan on port 2888/tcp.

It does not show up in any of the lists I know,
has anyone better info on that ?

Bye, Jens

Here are the logs:
May  9 05:10:05.423 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(2832) -> 134.130.Y.1(2888), 1
packet
May  9 05:10:07.571 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(2838) -> 134.130.Y.4(2888), 1
packet
May  9 05:10:09.771 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(2871) -> 134.130.Y.35(2888), 1
packet
May  9 05:10:11.431 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(2883) -> 134.130.Y.44(2888), 1
packet
May  9 05:10:12.751 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(2872) -> 134.130.Y.36(2888), 1
packet
May  9 05:10:13.751 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(2915) -> 134.130.Y.73(2888), 1
packet
May  9 05:10:15.815 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(2929) -> 134.130.Y.85(2888), 1
packet
May  9 05:10:16.939 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(2941) -> 134.130.Y.94(2888), 1
packet
May  9 05:10:18.751 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(2930) -> 134.130.Y.86(2888), 1
packet
May  9 05:10:19.851 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(2942) -> 134.130.Y.95(2888), 1
packet
May  9 05:10:21.355 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(3001) -> 134.130.Y.135(2888), 1
packet
/var/log/advanced/local7.info:May  9 05:10:23 c6k-rz 788:
May  9 05:10:22.431 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(3018) -> 134.130.Y.144(2888), 1
packet
May  9 05:10:24.287 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(3003) -> 134.130.Y.137(2888), 1
packet
May  9 05:10:25.391 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(3020) -> 134.130.Y.146(2888), 1
packet
May  9 05:10:26.575 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(3077) -> 134.130.Y.185(2888), 1
packet
May  9 05:10:27.595 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(3042) -> 134.130.Y.162(2888), 1
packet
May  9 05:10:29.495 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(3077) -> 134.130.Y.185(2888), 1
packet
May  9 05:10:30.595 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(3086) -> 134.130.Y.194(2888), 1
packet
May  9 05:10:31.907 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(3133) -> 134.130.Y.235(2888), 1
packet
May  9 05:10:33.031 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(3144) -> 134.130.Y.244(2888), 1
packet
May  9 05:10:34.895 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(3140) -> 134.130.Y.242(2888), 1
packet
May  9 05:10:35.991 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(3146) -> 134.130.Y.246(2888), 1
packet
May  9 05:15:38.527 MEZS: %SEC-6-IPACCESSLOGP: list 100
denied tcp 24.114.33.135(3150) -> 134.130.Y.250(2888), 1
packet
Previous By Date Next
Previous By Thread Next

Current thread: