RE: very weird traffic

From: Steven Trewick (STrewick_at_joplings.co.uk)
Date: 03/22/04

  • Next message: Chris Albert: "Re: Possible break in" 
    To: "'cass7@shaw.ca'" <cass7@shaw.ca>, incidents@securityfocus.com
Date: Mon, 22 Mar 2004 15:57:49 -0000

    > So essentially you have 6 IP's who have created 30 names with
    > hundreds of ending hashes, generating over 10,000 hits for
    > one file name. You have another unknown set of IP's with same
    > names not sharing any files and attempting to upload. Odd and
    > I don't know what to make of it.

    This may be loosely related :

    http://www.theregister.co.uk/content/55/36391.html

    Perhaps what you are seeing is the result of something similar,
    although I am insufficiently familiar with file sharing protocols
    to be any where near certain.

    HTH :-)

    SMT

    </code>
    The information contained in this e-mail is confidential and may be privileged, it is intended for the addressee only. If you have received this e-mail in error please delete it from your system. The statements and opinions expressed in this message are those of the author and do not necessarily reflect those of the company. Whilst Joplings Group operates an e-mail anti-virus program it does not accept responsibility for any damage whatsoever that is caused by viruses being passed.
    joplings.co.uk

    ---------------------------------------------------------------------------
    Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
    wireless security

    Protect your network against hackers, viruses, spam and other risks with Astaro
    Security Linux, the comprehensive security solution that combines six
    applications in one software solution for ease of use and lower total cost of
    ownership.

    Download your free trial at
    http://www.securityfocus.com/sponsor/Astaro_incidents_040301
    ----------------------------------------------------------------------------

  • Next message: Chris Albert: "Re: Possible break in"

    Relevant Pages

    • Re: blocking p2p traffic
      ... Network Security Specialist ... firewall with virus/spam protection, ... the comprehensive security solution that combines six ...
      (Focus-IDS)
    • RE: A new technique to disguise a target URL in spam
      ... I have seen the same technique used in other emails, ... firewall with virus/spam protection, URL filtering, VPN, ... Security Linux, the comprehensive security solution that combines six ...
      (Incidents)
    • RE: help with exchange
      ... Subject: help with exchange ... firewall with virus/spam protection, URL filtering, VPN, ... Security Linux, the comprehensive security solution that combines six ...
      (Security-Basics)
    • RE: blocking p2p traffic
      ... (network based application recognition). ... firewall with virus/spam protection, ... >> Security Linux, the comprehensive security solution that combines six ...
      (Focus-IDS)
    • Re: help with exchange
      ... You can download an evaluation copy to see if its any use. ... Security Linux, the comprehensive security solution that combines six ... firewall with virus/spam protection, URL filtering, VPN, ...
      (Security-Basics)