Security Incidents mailing list archives
Is this a traceroute?
From: Ford Prefect <huston () elvis rowan edu>
Date: Wed, 25 Jul 2001 23:31:23 -0400 (EDT)
I'm not worried about this scan, simply because I'm confident in my firewall (namely 'cause almost everything's closed off, and what isn't I keep up with on exploits and such), but I usually raise an eyebrow when there's more than a packet or two. Before I fire off a letter to some ISP, however, is this "scan" a traceroute that failed because of the firewall? I wouldn't consider myself strong enough with packet fingerprinting to just look at it and know, so I want to ask here before I make an ass of myself to another admin *grin* (IP addresses filtered out) Jul 20 18:38:10 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33507 L=40 S=0x00 I=53411 F=0x0000 T=1 (#65) Jul 20 18:38:15 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33508 L=40 S=0x00 I=53412 F=0x0000 T=1 (#65) Jul 20 18:38:20 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33509 L=40 S=0x00 I=53413 F=0x0000 T=1 (#65) Jul 20 18:38:25 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33510 L=40 S=0x00 I=53414 F=0x0000 T=2 (#65) Jul 20 18:38:30 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33511 L=40 S=0x00 I=53415 F=0x0000 T=2 (#65) Jul 20 18:38:35 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33512 L=40 S=0x00 I=53416 F=0x0000 T=2 (#65) Jul 20 18:38:40 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33513 L=40 S=0x00 I=53417 F=0x0000 T=3 (#65) Jul 20 18:38:45 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33514 L=40 S=0x00 I=53418 F=0x0000 T=3 (#65) Jul 20 18:38:50 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33515 L=40 S=0x00 I=53419 F=0x0000 T=3 (#65) Jul 20 18:38:55 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33516 L=40 S=0x00 I=53420 F=0x0000 T=4 (#65) Jul 20 18:39:00 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33517 L=40 S=0x00 I=53421 F=0x0000 T=4 (#65) Jul 20 18:39:05 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33518 L=40 S=0x00 I=53422 F=0x0000 T=4 (#65) Jul 20 18:39:10 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33519 L=40 S=0x00 I=53423 F=0x0000 T=5 (#65) Jul 20 18:39:15 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33520 L=40 S=0x00 I=53424 F=0x0000 T=5 (#65) Jul 20 18:39:20 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33521 L=40 S=0x00 I=53425 F=0x0000 T=5 (#65) Jul 20 18:39:25 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33522 L=40 S=0x00 I=53426 F=0x0000 T=6 (#65) Jul 20 18:39:30 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33523 L=40 S=0x00 I=53427 F=0x0000 T=6 (#65) Jul 20 18:39:35 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33524 L=40 S=0x00 I=53428 F=0x0000 T=6 (#65) Jul 20 18:39:40 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33525 L=40 S=0x00 I=53429 F=0x0000 T=7 (#65) Jul 20 18:39:45 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33526 L=40 S=0x00 I=53430 F=0x0000 T=7 (#65) Jul 20 18:39:50 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33527 L=40 S=0x00 I=53431 F=0x0000 T=7 (#65) Jul 20 18:39:55 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33528 L=40 S=0x00 I=53432 F=0x0000 T=8 (#65) Jul 20 18:40:00 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33529 L=40 S=0x00 I=53433 F=0x0000 T=8 (#65) Jul 20 18:40:05 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33530 L=40 S=0x00 I=53434 F=0x0000 T=8 (#65) Jul 20 18:40:10 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33531 L=40 S=0x00 I=53435 F=0x0000 T=9 (#65) Jul 20 18:40:15 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33532 L=40 S=0x00 I=53436 F=0x0000 T=9 (#65) Jul 20 18:40:20 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33533 L=40 S=0x00 I=53437 F=0x0000 T=9 (#65) Jul 20 18:40:25 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33534 L=40 S=0x00 I=53438 F=0x0000 T=10 (#65) Jul 20 18:40:30 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33535 L=40 S=0x00 I=53439 F=0x0000 T=10 (#65) Jul 20 18:40:35 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33536 L=40 S=0x00 I=53440 F=0x0000 T=10 (#65) Jul 20 18:40:40 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33537 L=40 S=0x00 I=53441 F=0x0000 T=11 (#65) Jul 20 18:40:45 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33538 L=40 S=0x00 I=53442 F=0x0000 T=11 (#65) Jul 20 18:40:50 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33539 L=40 S=0x00 I=53443 F=0x0000 T=11 (#65) Jul 20 18:40:55 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33540 L=40 S=0x00 I=53444 F=0x0000 T=12 (#65) Jul 20 18:41:00 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33541 L=40 S=0x00 I=53445 F=0x0000 T=12 (#65) Jul 20 18:41:05 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33542 L=40 S=0x00 I=53446 F=0x0000 T=12 (#65) Jul 20 18:41:20 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33545 L=40 S=0x00 I=53449 F=0x0000 T=13 (#65) Jul 20 18:41:25 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33546 L=40 S=0x00 I=53450 F=0x0000 T=14 (#65) Jul 20 18:41:30 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33547 L=40 S=0x00 I=53451 F=0x0000 T=14 (#65) Jul 20 18:41:35 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33548 L=40 S=0x00 I=53452 F=0x0000 T=14 (#65) Jul 20 18:41:40 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33549 L=40 S=0x00 I=53453 F=0x0000 T=15 (#65) Jul 20 18:41:45 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33550 L=40 S=0x00 I=53454 F=0x0000 T=15 (#65) Jul 20 18:41:50 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33551 L=40 S=0x00 I=53455 F=0x0000 T=15 (#65) Jul 20 18:41:55 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33552 L=40 S=0x00 I=53456 F=0x0000 T=16 (#65) Jul 20 18:42:00 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33553 L=40 S=0x00 I=53457 F=0x0000 T=16 (#65) Jul 20 18:42:05 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33554 L=40 S=0x00 I=53458 F=0x0000 T=16 (#65) Jul 20 18:42:10 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33555 L=40 S=0x00 I=53459 F=0x0000 T=17 (#65) Jul 20 18:42:15 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33556 L=40 S=0x00 I=53460 F=0x0000 T=17 (#65) Jul 20 18:42:20 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33557 L=40 S=0x00 I=53461 F=0x0000 T=17 (#65) Jul 20 18:42:25 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33558 L=40 S=0x00 I=53462 F=0x0000 T=18 (#65) Jul 20 18:42:30 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33559 L=40 S=0x00 I=53463 F=0x0000 T=18 (#65) Jul 20 18:42:35 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33560 L=40 S=0x00 I=53464 F=0x0000 T=18 (#65) Jul 20 18:42:40 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33561 L=40 S=0x00 I=53465 F=0x0000 T=19 (#65) Jul 20 18:42:46 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33562 L=40 S=0x00 I=53466 F=0x0000 T=19 (#65) Jul 20 18:42:50 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33563 L=40 S=0x00 I=53467 F=0x0000 T=19 (#65) Jul 20 18:42:55 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33564 L=40 S=0x00 I=53468 F=0x0000 T=20 (#65) Jul 20 18:43:00 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33565 L=40 S=0x00 I=53469 F=0x0000 T=20 (#65) Jul 20 18:43:05 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33566 L=40 S=0x00 I=53470 F=0x0000 T=20 (#65) Jul 20 18:43:11 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33567 L=40 S=0x00 I=53471 F=0x0000 T=21 (#65) Jul 20 18:43:15 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33568 L=40 S=0x00 I=53472 F=0x0000 T=21 (#65) Jul 20 18:43:21 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33569 L=40 S=0x00 I=53473 F=0x0000 T=21 (#65) Jul 20 18:43:26 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33570 L=40 S=0x00 I=53474 F=0x0000 T=22 (#65) Jul 20 18:43:31 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33571 L=40 S=0x00 I=53475 F=0x0000 T=22 (#65) Jul 20 18:43:36 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33572 L=40 S=0x00 I=53476 F=0x0000 T=22 (#65) Jul 20 18:43:41 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33573 L=40 S=0x00 I=53477 F=0x0000 T=23 (#65) Jul 20 18:43:46 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33574 L=40 S=0x00 I=53478 F=0x0000 T=23 (#65) Jul 20 18:43:51 joshua kernel: Packet log: input DENY eth1 PROTO=17 x.x.x.x:53338 x.x.x.x:33575 L=40 S=0x00 I=53479 F=0x0000 T=23 (#65) -- Steve Huston - New Jersey, USA | ICBM: 39.458278 -74.65117 "Listen, your friends have been broken, they tell us of your poison; now we know. Kill them, give them as they give us. Slay them, burn their children's laughter - On To Hell." -- Yes, "The Gates of Delirium"
Attachment:
_bin
Description:
Current thread:
- Is this a traceroute? Ford Prefect (Jul 26)
- Re: Is this a traceroute? Blake Frantz (Jul 26)