Security Incidents mailing list archives
RE: Proxy Scans to dial up hosts...
From: "Ascent - Compton, Richard" <RCompton () ascent-corp com>
Date: Fri, 30 Nov 2001 16:34:47 -0600
Hi, There's an article in the newest 2600 mag describing how to do an anonymous port scan using numerous public proxy servers. Thus avoiding detection by an IDS (guess it didn't work too well). I bet that this is where the traffic is coming from. -Rich -----Original Message----- From: Grimes, Shawn (NIA/IRP) [mailto:GrimesSh () grc nia nih gov] Sent: Friday, November 30, 2001 9:14 AM To: incidents () securityfocus com Subject: Proxy Scans to dail up hosts... I notice in my snort logs that I have a box: 193.109.122.5 (proxyscan.undernet.org) That is connecting to some of our dial-up hosts and performing FYN scans on 1080 & 8080 (proxies). Has anyone else seen similar activity? Thank You, Shawn Grimes Computer Specialist NCTS - Gerontology Research Center 410-558-8007 grimessh () grc nia nih gov ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: Proxy Scans to dial up hosts... Bill_Royds (Dec 01)
- <Possible follow-ups>
- RE: Proxy Scans to dial up hosts... Ascent - Compton, Richard (Dec 01)