[fw-wiz] New Script Kiddie tool ?

From: Peter Robinson (peter@securegateway.org)
Date: 08/22/02

Next message: Kendall Risselada: "RE: [fw-wiz] New Script Kiddie tool ?"
Previous message: Dave Piscitello: "Re: [fw-wiz] concerning ~el8 / project mayhem"
Next in thread: Kendall Risselada: "RE: [fw-wiz] New Script Kiddie tool ?"
Reply: Kendall Risselada: "RE: [fw-wiz] New Script Kiddie tool ?"
Reply: H. Morrow Long: "Re: [fw-wiz] New Script Kiddie tool ?"
Reply: Jim MacLeod: "Re: [fw-wiz] New Script Kiddie tool ?"
Reply: hermit921: "[fw-wiz] X11 forwarding"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Peter Robinson <peter@securegateway.org>
To: firewall-wizards@honor.icsalabs.com
Date: Thu Aug 22 19:05:01 2002

G/Day all

Has any one seem this sort of probe ??

It apears from all over the place and it seems to be spaced exactly 10
seconds appart.

I am assuming this is a tool of sorts..

Source Address=208.184.139.82
        Aug 22 14:04:21 Firewall 208.184.139.82 61.x.x.x----ICMP TYPE=8
        Aug 22 14:04:31 Firewall 208.184.139.82 61.x.x.x----ICMP TYPE=8
        Aug 22 14:04:41 Firewall 208.184.139.82 61.x.x.x----ICMP TYPE=8
        Aug 22 14:04:51 Firewall 208.184.139.82 61.x.x.x----UDP 53
        Aug 22 14:05:01 Firewall 208.184.139.82 61.x.x.x----UDP 53
        Aug 22 17:00:03 Firewall 208.184.139.82 61.x.x.x----ICMP TYPE=8
        Aug 22 17:00:13 Firewall 208.184.139.82 61.x.x.x----ICMP TYPE=8
        Aug 22 17:00:23 Firewall 208.184.139.82 61.x.x.x----ICMP TYPE=8
        Aug 22 17:00:33 Firewall 208.184.139.82 61.x.x.x----UDP 53
        Aug 22 17:00:43 Firewall 208.184.139.82 61.x.x.x----UDP 53

Source Address=208.185.54.14
        Aug 22 14:04:21 Firewall 208.185.54.14 61.x.x.x----ICMP TYPE=8
        Aug 22 14:04:32 Firewall 208.185.54.14 61.x.x.x----ICMP TYPE=8
        Aug 22 14:04:42 Firewall 208.185.54.14 61.x.x.x----ICMP TYPE=8
        Aug 22 14:04:52 Firewall 208.185.54.14 61.x.x.x----UDP 53
        Aug 22 14:05:02 Firewall 208.185.54.14 61.x.x.x----UDP 53
        Aug 22 15:53:32 Firewall 208.185.54.14 61.x.x.x----ICMP TYPE=8
        Aug 22 15:53:42 Firewall 208.185.54.14 61.x.x.x----ICMP TYPE=8
        Aug 22 15:53:52 Firewall 208.185.54.14 61.x.x.x----ICMP TYPE=8
        Aug 22 15:54:02 Firewall 208.185.54.14 61.x.x.x----UDP 53
        Aug 22 15:54:12 Firewall 208.185.54.14 61.x.x.x----UDP 53
        Aug 22 17:00:02 Firewall 208.185.54.14 61.x.x.x----ICMP TYPE=8
        Aug 22 17:00:12 Firewall 208.185.54.14 61.x.x.x----ICMP TYPE=8
        Aug 22 17:00:22 Firewall 208.185.54.14 61.x.x.x----ICMP TYPE=8
        Aug 22 17:00:32 Firewall 208.185.54.14 61.x.x.x----UDP 53
        Aug 22 17:00:42 Firewall 208.185.54.14 61.x.x.x----UDP 53

Source Address=208.225.197.194
        Aug 22 15:53:35 Firewall 208.225.197.194 61.x.x.x----ICMP TYPE=8
        Aug 22 15:53:45 Firewall 208.225.197.194 61.x.x.x----ICMP TYPE=8
        Aug 22 15:53:55 Firewall 208.225.197.194 61.x.x.x----ICMP TYPE=8
        Aug 22 15:54:05 Firewall 208.225.197.194 61.x.x.x----UDP 53
        Aug 22 15:54:15 Firewall 208.225.197.194 61.x.x.x----UDP 53

Source Address=208.254.18.130
        Aug 22 15:53:31 Firewall 208.254.18.130 61.x.x.x----ICMP TYPE=8
        Aug 22 15:53:41 Firewall 208.254.18.130 61.x.x.x----ICMP TYPE=8
        Aug 22 15:53:51 Firewall 208.254.18.130 61.x.x.x----ICMP TYPE=8
        Aug 22 15:54:02 Firewall 208.254.18.130 61.x.x.x----UDP 53
        Aug 22 15:54:11 Firewall 208.254.18.130 61.x.x.x----UDP 53

Source Address=208.254.75.130
        Aug 22 15:53:32 Firewall 208.254.75.130 61.x.x.x----ICMP TYPE=8
        Aug 22 15:53:42 Firewall 208.254.75.130 61.x.x.x----ICMP TYPE=8
        Aug 22 15:53:52 Firewall 208.254.75.130 61.x.x.x----ICMP TYPE=8
        Aug 22 15:54:02 Firewall 208.254.75.130 61.x.x.x----UDP 53
        Aug 22 15:54:12 Firewall 208.254.75.130 61.x.x.x----UDP

Peter Robinson
Senior Security Engineer - Sydney
DeMorgan Information Security Specialists
robinson_p@demorgan.com.au, www.demorgan.com.au,
Tel. 1800 336 674
Tel. +61 2 9929-0377
Fax +61 2 9499 4885

Next message: Kendall Risselada: "RE: [fw-wiz] New Script Kiddie tool ?"
Previous message: Dave Piscitello: "Re: [fw-wiz] concerning ~el8 / project mayhem"
Next in thread: Kendall Risselada: "RE: [fw-wiz] New Script Kiddie tool ?"
Reply: Kendall Risselada: "RE: [fw-wiz] New Script Kiddie tool ?"
Reply: H. Morrow Long: "Re: [fw-wiz] New Script Kiddie tool ?"
Reply: Jim MacLeod: "Re: [fw-wiz] New Script Kiddie tool ?"
Reply: hermit921: "[fw-wiz] X11 forwarding"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: [fw-wiz] New Script Kiddie tool ?
... Has any one seem this sort of probe ?? ... It apears from all over the place and it seems to be spaced exactly 10 ... Senior Security Engineer - Sydney ...
(Firewall-Wizards)
Re: Pool leak detector?
... > Has anyone had any experience with some sort of above ground pool leak ... > resistance between the probe and ground and then as I got closer to the ... > the restiance would go down. ...
(rec.radio.amateur.homebrew)
Hi Frequency Voltage Probe
... So now I am thinking of some sort of homemade active probe. ... transistor, a coupling cap, and a load resistor. ... of MMICs showed up in the junkbox. ...
(sci.electronics.repair)
Pool leak detector?
... Has anyone had any experience with some sort of above ground pool leak ... I figures if I could connect one probe to some sort of sensitive ... the restiance would go down. ...
(rec.radio.amateur.homebrew)
Re: error :list out of range
... i get an error like this how do i sort the error out to get result ... explicit: "some index" used as a subscript on "some list" is out of the allowed range. ... invalid index when the list is empty; but the 4 is much more suspicious. ... "Holds current_span, probe, and length" ...
(comp.lang.python)