this is a port scan, right?
From: Bush is a Fascist (z333r_at_yahoo.com)
Date: 07/30/05
- Next message: The Doctor: "One-Stop Security HArdware Devices"
- Previous message: Walter Roberson: "Re: Barcode Email"
- Next in thread: Allodoxaphobia: "Re: this is a port scan, right?"
- Reply: Allodoxaphobia: "Re: this is a port scan, right?"
- Reply: Todd H.: "Re: this is a port scan, right?"
- Reply: CL (dnoyeB) Gilbert: "Re: this is a port scan, right?"
- Reply: Unruh: "Re: this is a port scan, right?"
- Reply: Si Ballenger: "Re: this is a port scan, right?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 30 Jul 2005 06:07:49 -0700
Hi all,
My webserver is telling me that it has received the following
types of accesses repeatedly from several of my fellow comcast
subscribers.
1. they access port 80 but they fail to send by HTTP
request: zero bytes received.
2. soon after they access port 80 again and send a very short
HTTP request, consisting of "GET /" line, a Host line,
and sometimes a long Authenication line. My server
successfully write()'s bytes back to the client program.
Once, the Authentication line looked very odd, like a
bunch of zero bytes with a chunk of perhaps program code
in the middle.
Keep in mind that no domain is associated with my server's
IP.
IPs of offenders are always similar to my own IP.
So they're port scanning, right?
Thanks
333
- Next message: The Doctor: "One-Stop Security HArdware Devices"
- Previous message: Walter Roberson: "Re: Barcode Email"
- Next in thread: Allodoxaphobia: "Re: this is a port scan, right?"
- Reply: Allodoxaphobia: "Re: this is a port scan, right?"
- Reply: Todd H.: "Re: this is a port scan, right?"
- Reply: CL (dnoyeB) Gilbert: "Re: this is a port scan, right?"
- Reply: Unruh: "Re: this is a port scan, right?"
- Reply: Si Ballenger: "Re: this is a port scan, right?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
