Snort mailing list archives

OT: increased activity on port 111, anyone?


From: "Martijn Heemels" <martijn () yggdrasil yi org>
Date: Wed, 26 Sep 2001 18:21:56 +0200

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

During the last week the portsentry boobytrap on port 111 (portmap)
on my Linux box has been hit a lot more than usual. Port 111 is one
of the ports that I use to blackhole portscanners (I know how many of
you feel about automatic firewalling, but this is a small home server
and the risk of a DoS attack by spoofing is acceptable to me).

Also, during the same period I've been getting a lot of 'Lame server'
warnings from my nameserver (runs on the same host), while before I
hardly ever got one.

The timing is a little suspect, in the light of the Nimda worm, so I
wondered whether any of you have a clue.

Any idea on what could cause this?


Thanks, Martijn

P.S. This is a low-traffic LAN connected to the net via cable with a
Red Hat masquerading firewall. The box runs about a dozen servers.

- -- 
.: M. Heemels .:. webdesigner :.
.: Eindhoven, NL, martijn () heemels com :.
.: PGP of S/MIME encrypted e-mail preferred :.

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO7IAohLMC0rbivl4EQKMjQCfVuvwx5cUkziuE4ijW4y3RVD0QboAnRoy
9s/bSqed11VSsUvDL9UGia/9
=Ccx+
-----END PGP SIGNATURE-----
