portscan on tcp ports 1024 to 1280
From: Fletcher Mattox (fletcher@cs.utexas.edu)Date: 10/17/01
- Previous message: Markus De Shon: "New email worm DarkMachine"
- Next in thread: Joshua_Hiller@aeanet.org: "Re: portscan on tcp ports 1024 to 1280"
- Reply: Joshua_Hiller@aeanet.org: "Re: portscan on tcp ports 1024 to 1280"
- Reply: dr john halewood: "Re: portscan on tcp ports 1024 to 1280"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <200110171705.f9HH5eM29180@hank.cs.utexas.edu> From: "Fletcher Mattox" <fletcher@cs.utexas.edu> Date: Wed, 17 Oct 2001 12:05:39 -0500 To: incidents@securityfocus.com Subject: portscan on tcp ports 1024 to 1280
What application or exploit probes every tcp port between 1024 and 1280
(i.e. 256 different ports in random order). The source port is always
80 or 0. Every host on our network is being scanned in this manner from
several different places. Some source ip addresses are:
65.203.157.138
65.203.157.29
66.150.15.150
209.15.44.204
Thanks
Fletcher
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: Markus De Shon: "New email worm DarkMachine"
- Next in thread: Joshua_Hiller@aeanet.org: "Re: portscan on tcp ports 1024 to 1280"
- Reply: Joshua_Hiller@aeanet.org: "Re: portscan on tcp ports 1024 to 1280"
- Reply: dr john halewood: "Re: portscan on tcp ports 1024 to 1280"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
