Security Incidents mailing list archives
Re: Lengthy probes of port 8500
From: robinton () GMX de (Soeren Ziehe)
Date: 06 Sep 2001 11:25:00 +0100
In article <3B95D970.C9982F62 () bigfoot com> [05 Sep 01] Paul Gear <paul () gear dyndns org> wrote:
Has anyone seen probes like this in the last few days? I've never seen them before, then last night i got more than 300 attempts in a little over 2 hours.
Sep 4 18:53:39 xxx kernel: Packet log: input DENY ppp0 PROTO=6 a.a.30.66:1761 x.x.16.93:8500 L=48 S=0x00 I=65349 F=0x4000 T=117 SYN (#67)
I haven't seen probes for that port, but I can shed some light onto what this may be, I guess. Port 8500 is the standard port for the "gatherd" component of the "harvest" distributed search engine/network. Robinton -- Fuer das grosse Chaos haben wir Computer. Die uebrigen Fehler machen wir von Hand. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Lengthy probes of port 8500 Paul Gear (Sep 05)
- Re: Lengthy probes of port 8500 Soeren Ziehe (Sep 06)