Re: Receiving constant hits from random hosts
From: Dave Millen (dave@largesalad.co.uk)Date: 07/10/02
- Previous message: Jeffrey Denton: "Re: Receiving constant hits from random hosts"
- In reply to: Adam Young: "Receiving constant hits from random hosts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 10 Jul 2002 17:54:48 +0100 From: Dave Millen <dave@largesalad.co.uk> To: focus-linux@securityfocus.com
Adam Young wrote:
>---------
>Jul 5 18:00:15 element kernel: (catch-all logging):: IN=eth0 OUT= MAC=*
>SRC=24.127.132.75 DST=24.215.32.42 LEN=48 TOS=0x00 PREC=0x00 TTL=111
>ID=35583 DF PROTO=TCP SPT=4102 DPT=1080 WINDOW=32767 RES=0x00 SYN URGP=0
>
<snip>
>
>
>I get this above scan, along with scans on default 1080/3128(or whatever
>squids port is), and all of these are hourly, almost as if someone has
>setup a cron job to scan my system on the hour each hour. Is this
>normal? I've never seen it so prevelant in my system logs, so I figured
>I'd post. Any ideas or comments would be greatly appreciated.
>
Not sure of your circumstances, but some ISPs do regular scans for open
mail relays and proxies in order to prevent abuse (Blueyonder in the UK
is one). Could this be the cause?
regards,
Dave
-- The marvels of today's modern technology include the development of a soda can which, when discarded will last forever ... and a £12,000 car which, when properly cared for will rust out in two or three years.email: dave@largesalad.co.uk web: www.largesalad.co.uk/DJMsoft
- Previous message: Jeffrey Denton: "Re: Receiving constant hits from random hosts"
- In reply to: Adam Young: "Receiving constant hits from random hosts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
