|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: what do the kiddies have now
Perhaps the RPC attack CERT issued an advisory about today? http://www.cert.org/advisories/CA-99-05-statd-automountd.html Looks like they're trying to hit an RPC port. Maybe the script they're running creates an account for them on your machine, and they're using FTP to test if it worked? Just a guess, ------Scott. Randy Bush <[email protected]> writes: > the following seemingly combo ftp and frag attack combo has escalated > radically in the last days. anyone know why? > > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(6079) -147.28.0.39(111), 1 packet > ftpd[27311]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(800) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(6985) -147.28.0.39(111), 1 packet > ftpd[27318]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(830) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(10874) -147.28.0.39(111), 1 packet > ftpd[27375]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(943) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(14462) -147.28.0.39(111), 1 packet > ftpd[27470]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(637) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(12438) -147.28.0.39(111), 1 packet > ftpd[27498]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(673) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(8174) -147.28.0.39(111), 1 packet > ftpd[27503]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(683) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(7017) -147.28.0.39(111), 1 packet > ftpd[27512]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(709) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(12615) -147.28.0.39(111), 1 packet > ftpd[27522]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(726) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(14441) -147.28.0.39(111), 1 packet > ftpd[27580]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(779) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(6720) -147.28.0.39(111), 1 packet > ftpd[27639]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(852) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(9073) -147.28.0.39(111), 1 packet > ftpd[27666]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(887) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(13040) -147.28.0.39(111), 1 packet > ftpd[27812]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(627) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(5786) -147.28.0.39(111), 1 packet > ftpd[27917]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(751) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(11108) -147.28.0.39(111), 1 packet > ftpd[27946]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(790) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(8316) -147.28.0.39(111), 1 packet > ftpd[27963]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(805) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(11738) -147.28.0.39(111), 1 packet > ftpd[27997]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(828) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(11476) -147.28.0.39(111), 1 packet > ftpd[28046]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(927) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(5036) -147.28.0.39(111), 1 packet > ftpd[28056]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(948) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(10825) -147.28.0.39(111), 1 packet > ftpd[28115]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(623) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(8939) -147.28.0.39(111), 1 packet > ftpd[28145]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(650) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(9116) -147.28.0.39(111), 1 packet > ftpd[28167]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(739) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(5595) -147.28.0.39(111), 1 packet > ftpd[28188]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(800) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(8564) -147.28.0.39(111), 1 packet > ftpd[28202]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(815) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(14905) -147.28.0.39(111), 1 packet > ftpd[28250]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(863) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(5535) -147.28.0.39(111), 1 packet > ftpd[28278]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(906) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(10659) -147.28.0.39(111), 1 packet > ftpd[28379]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(639) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(10521) -147.28.0.39(111), 1 packet > ftpd[28387]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(653) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(11809) -147.28.0.39(111), 1 packet > ftpd[28542]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied udp 209.192.148.153(0) -147.28.0.39(0), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 13 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(9962) -147.28.0.39(111), 1 packet > ftpd[28591]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(815) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied udp 209.192.148.153(0) -147.28.0.39(0), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(8016) -147.28.0.39(111), 1 packet > ftpd[28699]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(882) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(7740) -147.28.0.39(111), 1 packet > ftpd[28714]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(901) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(11452) -147.28.0.39(111), 1 packet > ftpd[28747]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(930) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 6 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(8119) -147.28.0.39(111), 1 packet > ftpd[29107]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(847) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(5313) -147.28.0.39(111), 1 packet > ftpd[29411]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(684) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(9439) -147.28.0.39(111), 1 packet > ftpd[29420]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(691) -147.28.0.39(111), 1 packet > ftpd[29425]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(695) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(10246) -147.28.0.39(111), 1 packet > ftpd[29474]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(733) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(7001) -147.28.0.39(111), 1 packet > ftpd[29479]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(736) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(6134) -147.28.0.39(111), 1 packet > ftpd[29510]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(751) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(12440) -147.28.0.39(111), 1 packet > ftpd[29627]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(799) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(6428) -147.28.0.39(111), 1 packet > ftpd[29638]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(812) -147.28.0.39(111), 1 packet > ftpd[29651]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(824) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(7033) -147.28.0.39(111), 1 packet > ftpd[29668]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(838) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(8406) -147.28.0.39(111), 1 packet > ftpd[29712]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(885) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(13300) -147.28.0.39(111), 1 packet > ftpd[29749]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(908) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(12610) -147.28.0.39(111), 1 packet > ftpd[29806]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(961) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(11014) -147.28.0.39(111), 1 packet > ftpd[29843]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(1008) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(10204) -147.28.0.39(111), 1 packet > ftpd[30031]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(738) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(14146) -147.28.0.39(111), 1 packet > ftpd[30159]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(839) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(14047) -147.28.0.39(111), 1 packet > ftpd[30205]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(885) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(10526) -147.28.0.39(111), 1 packet > ftpd[30236]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(913) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 13 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(11273) -147.28.0.39(111), 1 packet > ftpd[30362]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(649) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(7299) -147.28.0.39(111), 1 packet > ftpd[30377]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(666) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(14072) -147.28.0.39(111), 1 packet > ftpd[30507]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(736) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(10576) -147.28.0.39(111), 1 packet > ftpd[30528]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(751) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(5718) -147.28.0.39(111), 1 packet > ftpd[31125]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(624) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(9678) -147.28.0.39(111), 1 packet > ftpd[31409]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(747) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(8790) -147.28.0.39(111), 1 packet > ftpd[31531]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(805) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 6 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(11621) -147.28.0.39(111), 1 packet > ftpd[31841]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(975) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 8 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(975) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(5450) -147.28.0.39(111), 1 packet > ftpd[31963]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(609) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(11661) -147.28.0.39(111), 1 packet > ftpd[32885]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(978) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 6 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(12440) -147.28.0.39(111), 1 packet > ftpd[33480]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(691) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 8 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(12709) -147.28.0.39(111), 1 packet > ftpd[33596]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(709) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(13845) -147.28.0.39(111), 1 packet > ftpd[33700]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(742) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 6 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(5041) -147.28.0.39(111), 1 packet > ftpd[33726]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(760) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(11446) -147.28.0.39(111), 1 packet > ftpd[33802]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(787) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(14624) -147.28.0.39(111), 1 packet > ftpd[34326]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(923) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(7370) -147.28.0.39(111), 1 packet > ftpd[34413]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(974) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(13510) -147.28.0.39(111), 1 packet > ftpd[34753]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(683) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 8 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(11504) -147.28.0.39(111), 1 packet > ftpd[35240]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(834) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 2 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(7332) -147.28.0.39(111), 1 packet > ftpd[35331]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(889) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 6 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(6869) -147.28.0.39(111), 1 packet > ftpd[35721]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(951) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(8805) -147.28.0.39(111), 1 packet > ftpd[36321]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(833) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 6 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(5228) -147.28.0.39(111), 1 packet > ftpd[36760]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(966) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 8 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 6 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(8162) -147.28.0.39(111), 1 packet > ftpd[37144]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(634) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 6 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 2 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(11966) -147.28.0.39(111), 1 packet > ftpd[37263]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(666) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(6722) -147.28.0.39(111), 1 packet > ftpd[37298]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(685) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(11563) -147.28.0.39(111), 1 packet > ftpd[37579]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(772) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(8810) -147.28.0.39(111), 1 packet > ftpd[37632]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(791) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied udp 209.192.148.153(0) -147.28.0.39(0), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied udp 209.192.148.153(0) -147.28.0.39(0), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(13584) -147.28.0.39(111), 1 packet > ftpd[38095]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(961) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(7066) -147.28.0.39(111), 1 packet > ftpd[38334]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(605) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 10 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 6 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(7753) -147.28.0.39(111), 1 packet > ftpd[38814]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(725) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > named[79976]: ns_resp: TCP truncated: "112.137.63.209.in-addr.arpa" IN PTR > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(6816) -147.28.0.39(111), 1 packet > ftpd[39528]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(889) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 2 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 10 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(10925) -147.28.0.39(111), 1 packet > ftpd[40052]: connect from crb614.nf.sympatico.ca > %SEC-6-IPACCESSLOGP: list 105 denied tcp 142.163.12.14(1012) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 6 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 4 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 6 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 200.251.162.80(6279) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 200.251.162.80(7881) -147.28.0.39(111), 1 packet > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 2 packets > %SEC-6-IPACCESSLOGP: list 105 denied tcp 210.8.101.18(0) -147.28.0.39(0), 12 packets
|