Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Scans from proxyprotector.com

From: "Justin Coffi" <jcoffi () hotmail com>
Date: Sat, 17 May 2003 10:35:08 -0700
What information supplied by google suggested that?

-----Original Message-----
From: George Theall [mailto:theall () tifaware com] 
Sent: Saturday, May 17, 2003 9:49 AM
To: incidents () securityfocus com
Subject: Re: Scans from proxyprotector.com

On Sat, May 17, 2003 at 11:31:12AM +0100, Mark Ng wrote:


After reading their site (www.proxyprotector.com) , it appears that

this is

to do with connections to IRC servers, They don't claim to be scanning

the

whole Internet - are these scans against hosts that you use IRC from ?


My home machine has been scanned by them once daily for the past four
days.  Each time, tcp ports 1080, 3128, and 8080 are targetted.  I don't
use IRC and have never attempted to connect to any hosts on
proxyprotector.com's network, certainly not for the past week for which
I keep logs. 

Googling news for proxyprotector as well as 64.201.104.2 (the host they
seem to scan from) suggests they're black hats. 

George
-- 
theall () tifaware com

----------------------------------------------------------------------------
*** Wireless LAN Policies for Security & Management - NEW White Paper ***
Just like wired networks, wireless LANs require network security policies 
that are enforced to protect WLANs from known vulnerabilities and threats. 
Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.

To get your FREE white paper visit us at:    
http://www.securityfocus.com/AirDefense-incidents
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: