Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: anyone else seen an increase in sunrpc scans these days?

From: Ed Woodson <edwo01 () HOTMAIL COM>
Date: Mon, 15 Jan 2001 15:41:48 -0800
Derek Kwan wrote:

<SNIP>
Also there is a scan from 24.0.0.203 (authorized-scan1.security.home.net)
on port 119 atleast 2-3 times daily too. Does other cable modem user have
a similiar scan on their machine?
<SNIP>

See the following:
http://rogers.home.com/servlet/support.viewentries?entrytype=3

This from their "Resolved Investigations":

Title: NNTP Scanning (24.0.0.203)
Synopsis:
Source IP: 24.0.0.203 (authorized-scan1.security.home.net)
Target Port: 119
Violation Date: None
Resolution Date: None
Notes: This scanning is done proactivly by @Home to find insecure proxy
software that may be allowing thirdparty access to our Usenet servers. These
are ongoing scans and may be done at any time


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
Previous By Date Next
Previous By Thread Next

Current thread: