RE: newbie wanting some info !!

From: Aaron Lewis (aaron_at_boatnrv.com)
Date: 08/19/03

    To: <incidents@securityfocus.com>
    Date: Tue, 19 Aug 2003 13:04:43 -0400
    
    

    Hello.
    I won't comment on the actual question but I will say it's generally viewed
    as 'bad practice' and wasteful to scan everyone that scans you. Port 80
    scans are very common and usually harmless unless you're running a vulnerable
    web server on the target machine.

    ADL

    -----Original Message-----
    From: osden [mailto:osden77@hotmail.com]
    Sent: Tuesday, August 19, 2003 3:59 AM
    To: Security-basics@securityfocus.com
    Cc: incidents@securityfocus.com
    Subject: newbie wanting some info !!

    Cheers to all......

    I have an ADSL connection to my home PC and have NAV and ZONE ALARM installed
    as my AV and Firewall. Zone Alarm has been set to the highest security
    settings. I have a utility called Attacker from www.foundstone.com listening
    at my ports. I have been observing all kinds of scans from the following IPs

    207.40.146.171 dsl-d-171.nortex.net
    203.241.146.5 user5.s146.samsung.co.kr
    66.75.223.169 cpe-66-75-223-169.bak.rr.com

    trying to connect to my port 80 from various ports repeatedly. Also I have
    this IP scanning repeatedly at my port 21 from various ports:

    80.181.56.143 host143-56.pool80181.interbusiness.it

    Well, when I scan them back, every host that is found LIVE has port 5000
    listening. Is this something to do with that? Or is anyone else also
    experiencing something like that? According to my information, port 5000 is
    [UPnP / filmaker.com / Socket de Troie (Windows Trojan)], or else the box is
    Win32 listening for auto detection of hardware.

    Can anyone comment on this and let me know? Any information provided will be
    really helpful. Thanks in advance.

    Kind Regards,
    Ozzy

    [SCAN EVERYTHING]

    Kind Regards,
    Osden Fernandes


    ---------------------------------------------------------------------------
    Captus Networks - Integrated Intrusion Prevention and Traffic Shaping
     - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
     - Automatically Control P2P, IM and Spam Traffic
     - Ensure Reliable Performance of Mission Critical Applications
     - Precisely Define and Implement Network Security and Performance Policies
    **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo
    Visit us at:
    http://www.securityfocus.com/sponsor/CaptusNetworks_incidents_030814
    ----------------------------------------------------------------------------
