Re: Thousands of attempts to port 35825 and 11090

[ilaiy <ilaiy.e () gmail com>]

http://isc.dshield.org/port_details.php?port=35825&repax=1&tarax=2&srcax=2&percent=N&days=40

http://isc.dshield.org/port_details.php?port=11090&repax=1&tarax=2&srcax=2&percent=N&days=40

Well you should block there traffic or you could send this traffic to
a pcap file for further analysis.

./thanks
ilaiy
On 4 Dec 2006 17:22:51 -0000, artsspamhere () shaw ca <artsspamhere () shaw ca> wrote:
> I'm seeing continuous attempts to these two ports in my router's logs.  Most of the source IP addresses I looked up are in 
> China (I'm in Canada).  What are they after?!
>
> I have searched for hours for info on these two ports and come up empty.  ie. seemingly no known exploits.
>
> Thanks in advance,
> Art
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Black Hat
>
> Attend the Black Hat Briefings & Training USA, July 29-August 3 in Las Vegas.
> World renowned security experts reveal tomorrow's threats today. Free of
> vendor pitches, the Briefings are designed to be pragmatic regardless of your
> security environment. Featuring 36 hands-on training courses and 10 conference
> tracks, networking opportunities with over 2,500 delegates from 40+ nations.
>
> http://www.blackhat.com
> ------------------------------------------------------------------------------

------------------------------------------------------------------------------
This List Sponsored by: Black Hat

Attend the Black Hat Briefings & Training USA, July 29-August 3 in Las Vegas. 
World renowned security experts reveal tomorrow's threats today. Free of 
vendor pitches, the Briefings are designed to be pragmatic regardless of your 
security environment. Featuring 36 hands-on training courses and 10 conference 
tracks, networking opportunities with over 2,500 delegates from 40+ nations. 

http://www.blackhat.com
------------------------------------------------------------------------------