PaulDotCom mailing list archives
TCP protocol decimal type 210
From: jim.halfpenny at gmail.com (Jim Halfpenny)
Date: Mon, 22 Jun 2009 09:56:59 +0100
Hi, First things that spring to mind are DDoS traffic, warez traffic or a malware back channel. Have you done any analysis on the packet contents other than the protocol number? Jim According 2009/6/22 Dale Stirling <dale at puredistortion.com>
Hi All, I have a box that is routinely using in excess of 4GB a day in traffic in from the internet. I have identified that the traffic is coming to the box via an IP Protocol number I have never seen before: 210. I have done some searching on the Internet and have only been able to find that this number is in the unassigned block of protocol numbers with IANA. I am stuck so I thought I would through it out to the smartest group of people I know the PDC Mailing (I heard flatery works well) list to see if any one has seen this before. Cheers, Dale _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090622/2bb29a2c/attachment.htm
Current thread:
- TCP protocol decimal type 210 Dale Stirling (Jun 21)
- TCP protocol decimal type 210 Jim Halfpenny (Jun 22)
- TCP protocol decimal type 210 Robin Wood (Jun 22)
- TCP protocol decimal type 210 Michael McGrew (Jun 22)
- TCP protocol decimal type 210 Jim Halfpenny (Jun 22)
- TCP protocol decimal type 210 Dale Stirling (Jun 22)
- TCP protocol decimal type 210 Jim Halfpenny (Jun 22)