Re: Source port 0 and from a 0 network to boot?

[junkma1l () cox net]

The destination website advises they're experiencing 'server problems'.  I would have to guess it's a trojan or botnet 
DDoS/SYN flood attack.  

As far as the port 0 traffic, a quote from an old Neohapisis archive "Using TCP port 0 is a common tactic to avoid some 
badly written packet
filters.... Some net admins fail to realize that there is a port 0,
thinking that the lowest port number is 1, and thus don't account for it
when writing firewall rules.

An attacker gains the advantage of possibly bypassing firewall rules, or
badly written intrusion sensors.

It should also be noted that very, very, old versions of DNS were done on
port 0, but that wasn't done using TCP."

Probably just disguising the attacking host (though not very well) to slow down the filtering/blocking of attackers.