RE: Port 1080
From: Krueger Lawrence (Lawrence.Krueger@kohler.com)
Date: 11/22/02
- Previous message: Moshe Aelion: "Re: Help - a possible bot"
- Maybe in reply to: Chris Gross: "Port 1080"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Krueger Lawrence <Lawrence.Krueger@kohler.com> To: "'Chris Gross'" <chris@hugehosting.com> Date: Fri, 22 Nov 2002 08:39:01 -0600
Port 1080 is a socks proxy server and the attacker was using this server as
a middle man in this attack to protect his true ip.
LK
-----Original Message-----
From: Chris Gross [mailto:chris@hugehosting.com]
Sent: Wednesday, November 20, 2002 4:57 PM
To: Incidents Mailing List
Subject: Port 1080
We had a large spike in connections through our firewall and we tracked it
down to a Linux 8.0 server. It was creating about 200K connections with a
source and destination port of 1080. Has anyone else seen this.
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Next message: Esler, Joel -- Sytex Contractor: "RE: increased attacks on port 2599"
- Previous message: Moshe Aelion: "Re: Help - a possible bot"
- Maybe in reply to: Chris Gross: "Port 1080"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
