Security Incidents mailing list archives
Strange scan in progress
From: Jerry Walsh <jerry () NITROWEB NET>
Date: Mon, 16 Oct 2000 15:28:25 +0100
Anyone have any idea of what's going on here? Looks like some decoy hosts involved too.. Oct 16 15:11:34 XXXXXX /kernel: Connection attempt to UDP xxx.xxx.xxx.xxx:33483 from 205.232.143.227:47879 Oct 16 15:11:38 XXXXXX /kernel: Connection attempt to UDP xxx.xxx.xxx.xxx:33484 from 205.232.143.227:47879 Oct 16 15:11:38 XXXXXX /kernel: Connection attempt to UDP xxx.xxx.xxx.xxx:33485 from 205.232.143.227:47879 Oct 16 15:12:00 XXXXXX /kernel: Connection attempt to UDP xxx.xxx.xxx.xxx:33480 from 208.49.8.134:37154 Oct 16 15:12:00 XXXXXX /kernel: Connection attempt to UDP xxx.xxx.xxx.xxx:33481 from 208.49.8.134:37154 Oct 16 15:12:00 XXXXXX /kernel: Connection attempt to UDP xxx.xxx.xxx.xxx:33482 from 208.49.8.134:37154 Oct 16 15:12:53 XXXXXX /kernel: Connection attempt to UDP xxx.xxx.xxx.xxx:33480 from 209.97.65.33:40888 Oct 16 15:12:53 XXXXXX /kernel: Connection attempt to UDP xxx.xxx.xxx.xxx:33481 from 209.97.65.33:40888 Oct 16 15:12:53 XXXXXX /kernel: Connection attempt to UDP xxx.xxx.xxx.xxx:33482 from 209.97.65.33:40888 Oct 16 15:14:11 XXXXXX /kernel: Connection attempt to UDP xxx.xxx.xxx.xxx:33486 from 159.87.67.4:44739 Oct 16 15:14:11 XXXXXX /kernel: Connection attempt to UDP xxx.xxx.xxx.xxx:33487 from 159.87.67.4:44739 Oct 16 15:14:11 XXXXXX /kernel: Connection attempt to UDP xxx.xxx.xxx.xxx:33488 from 159.87.67.4:44739 Jerry.
Current thread:
- Strange scan in progress Jerry Walsh (Oct 16)
- Re: Strange scan in progress Marcel de Riedmatten (Oct 16)