nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Network Probes

From: "Henry R. Linneweh" <linneweh () concentric net>
Date: Thu, 09 Mar 2000 13:04:06 -0800

Vitts Networks (NETBLK-VITT-1BLK)
                    77 Sundial Ave
                    Manchester, NH 03103
                    US

                    Netname: VITT-1BLK
                    Netblock: 216.64.0.0 - 216.64.127.255
                    Maintainer: VITT

                    Coordinator:
                       domreg  (DOM68-ORG-ARIN)  domreg () VITTS COM
                       603-656-8000
              Fax - 603-656-8100

                    Domain System inverse mapping provided by:

                    NS1.VITTS.COM                216.64.31.76
                    NS2.VITTS.COM                216.64.117.21

                    ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE

                    Rwhois reassignment information for this block is
available at
                    rwhois.vitts.net 4321

                    Record last updated on 30-Nov-1999.
                    Database last updated on 9-Mar-2000 06:42:18 EDT.

Scott McGrath wrote:


Hi,

Has anyone else noticed probes against their network with a spoofed
source address
and Src (80) and Dst(2183)

---Snip.
Mar  8 17:40:16: %SEC-6-IPACCESSLOGP: list 110 denied tcp
216.52.56.50(80) (Ser
ial0 *PPP*) -> 216.64.1.198(2183), 1 packet
.Mar  8 17:44:28: %SEC-6-IPACCESSLOGP: list 110 denied tcp
208.194.150.10(80) (S
erial0 *PPP*) -> 216.64.1.142(2183), 1 packet
.Mar  8 17:45:45: %SEC-6-IPACCESSLOGP: list 110 denied tcp
216.52.56.50(80) (Ser
ial0 *PPP*) -> 216.64.1.198(2183), 3 packets
.Mar  8 17:49:45: %SEC-6-IPACCESSLOGP: list 110 denied tcp
208.194.150.10(80) (S
erial0 *PPP*) -> 216.64.1.142(2183), 2 packets
.Mar  9 07:39:04: %SEC-6-IPACCESSLOGP: list 110 denied tcp
209.143.228.10(80) (S
erial0 *PPP*) -> 216.64.1.82(2183), 1 packet
.Mar  9 07:44:18: %SEC-6-IPACCESSLOGP: list 110 denied tcp
209.143.228.10(80) (S
erial0 *PPP*) -> 216.64.1.82(2183), 9 packets
.Mar  9 09:53:46: %SEC-6-IPACCESSLOGP: list 110 denied tcp
209.185.181.10(80) (S
erial0 *PPP*) -> 216.64.1.227(2183), 1 packet
.Mar  9 09:59:24: %SEC-6-IPACCESSLOGP: list 110 denied tcp
209.185.181.10(80) (S
erial0 *PPP*) -> 216.64.1.227(2183), 9 packets
.Mar  9 12:11:55: %SEC-6-IPACCESSLOGP: list 110 denied tcp 10.2.1.6(80)
(Serial0
 *PPP*) -> 216.64.1.144(1319), 1 packet
.Mar  9 12:17:29: %SEC-6-IPACCESSLOGP: list 110 denied tcp 10.2.1.6(80)
(Serial0
 *PPP*) -> 216.64.1.144(1319), 8 packets
.Mar  9 12:22:30: %SEC-6-IPACCESSLOGP: list 110 denied tcp 10.2.1.6(80)
(Serial0
 *PPP*) -> 216.64.1.144(1319), 4 packets
---snip

Thanks


--
Thank you;
|--------------------------------------------|
| Thinking is a learned process so is UNIX   |
|--------------------------------------------|
Henry R. Linneweh
Previous By Date Next
Previous By Thread Next

Current thread: