RE: [fw-wiz] port 27015
From: Bill James (bubbagates_at_comcast.net)
Date: 01/03/04
- Previous message: hermit921: "Re: [fw-wiz] port 27015"
- In reply to: hermit921: "Re: [fw-wiz] port 27015"
- Next in thread: Paul Robertson: "Re: [fw-wiz] port 27015"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'hermit921'" <hermit921@yahoo.com>, <firewall-wizards@honor.icsalabs.com> Date: Sat, 3 Jan 2004 17:20:57 -0500
You could have had a previous block of IP's that once had a half-life
server or someone connected to Gamespy from your network
Bill James
The objective of all dedicated employees should be to thoroughly analyze
all situations, anticipate all problems prior to their occurrence, have
answers for these problems, and move swiftly to solve these problems
when called upon.
However, When you are up to your ass in alligators it is difficult to
remind yourself your initial objective was to drain the swamp.
> -----Original Message-----
> From: firewall-wizards-admin@honor.icsalabs.com
> [mailto:firewall-wizards-admin@honor.icsalabs.com] On Behalf
> Of hermit921
> Sent: Friday, January 02, 2004 12:59 PM
> To: firewall-wizards@honor.icsalabs.com
> Subject: Re: [fw-wiz] port 27015
>
> I am aware of the Half-Life game association. What I saw was
> 10 different IP sources scanning my entire class B on port
> 27015, all starting within one hour of each other. That
> didn't sound like a normal game behavior. But after that
> day, the scans didn't return.
>
> hermit921
>
>
> At 02:15 PM 1/1/2004, Don Parker wrote:
> >Hi there, port 27015 is often associated with Half Life
> online gaming
> >servers. Are you running one of these? There are some security
> >considerations to mull over if you are as these can be used in DDoS
> >attacks and the such. Just google for "port 27015 tcp" and
> you will get
> >quite a few hits on it.
> >
> >Cheers,
> >
> >Don
> >
> >-------------------------------------------
> >Don Parker, GCIA
> >Intrusion Detection Specialist
> >Rigel Kent Security & Advisory Services Inc
> www.rigelksecurity.com ph
> >:613.249.8340
> >fax:613.249.8319
> >--------------------------------------------
> >
> >On Dec 22, hermit921 <hermit921@yahoo.com> wrote:
> >
> >Starting at 10:49 UTC December 22 I started seeing a 20-30 incoming
> >packets per second on TCP port 27015. Every few minutes
> another source
> >appeared. Any idea what is going on?
> >
> >Thanks,
> >hermit921
> >
> >_______________________________________________
> >firewall-wizards mailing list
> >firewall-wizards@honor.icsalabs.com
> ><a href='http://honor.icsalabs.com/mailman/listinfo/firewall-
> >wizards'>http://honor.icsalabs.com/mailman/listinfo/firewall-
> wizards</a
> >>
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: hermit921: "Re: [fw-wiz] port 27015"
- In reply to: hermit921: "Re: [fw-wiz] port 27015"
- Next in thread: Paul Robertson: "Re: [fw-wiz] port 27015"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
