North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Network Probes
Vitts Networks (NETBLK-VITT-1BLK) 77 Sundial Ave Manchester, NH 03103 US Netname: VITT-1BLK Netblock: 216.64.0.0 - 216.64.127.255 Maintainer: VITT Coordinator: domreg (DOM68-ORG-ARIN) [email protected] 603-656-8000 Fax - 603-656-8100 Domain System inverse mapping provided by: NS1.VITTS.COM 216.64.31.76 NS2.VITTS.COM 216.64.117.21 ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE Rwhois reassignment information for this block is available at rwhois.vitts.net 4321 Record last updated on 30-Nov-1999. Database last updated on 9-Mar-2000 06:42:18 EDT. Scott McGrath wrote: > Hi, > > Has anyone else noticed probes against their network with a spoofed > source address > and Src (80) and Dst(2183) > > ---Snip. > Mar 8 17:40:16: %SEC-6-IPACCESSLOGP: list 110 denied tcp > 216.52.56.50(80) (Ser > ial0 *PPP*) -> 216.64.1.198(2183), 1 packet > .Mar 8 17:44:28: %SEC-6-IPACCESSLOGP: list 110 denied tcp > 208.194.150.10(80) (S > erial0 *PPP*) -> 216.64.1.142(2183), 1 packet > .Mar 8 17:45:45: %SEC-6-IPACCESSLOGP: list 110 denied tcp > 216.52.56.50(80) (Ser > ial0 *PPP*) -> 216.64.1.198(2183), 3 packets > .Mar 8 17:49:45: %SEC-6-IPACCESSLOGP: list 110 denied tcp > 208.194.150.10(80) (S > erial0 *PPP*) -> 216.64.1.142(2183), 2 packets > .Mar 9 07:39:04: %SEC-6-IPACCESSLOGP: list 110 denied tcp > 209.143.228.10(80) (S > erial0 *PPP*) -> 216.64.1.82(2183), 1 packet > .Mar 9 07:44:18: %SEC-6-IPACCESSLOGP: list 110 denied tcp > 209.143.228.10(80) (S > erial0 *PPP*) -> 216.64.1.82(2183), 9 packets > .Mar 9 09:53:46: %SEC-6-IPACCESSLOGP: list 110 denied tcp > 209.185.181.10(80) (S > erial0 *PPP*) -> 216.64.1.227(2183), 1 packet > .Mar 9 09:59:24: %SEC-6-IPACCESSLOGP: list 110 denied tcp > 209.185.181.10(80) (S > erial0 *PPP*) -> 216.64.1.227(2183), 9 packets > .Mar 9 12:11:55: %SEC-6-IPACCESSLOGP: list 110 denied tcp 10.2.1.6(80) > (Serial0 > *PPP*) -> 216.64.1.144(1319), 1 packet > .Mar 9 12:17:29: %SEC-6-IPACCESSLOGP: list 110 denied tcp 10.2.1.6(80) > (Serial0 > *PPP*) -> 216.64.1.144(1319), 8 packets > .Mar 9 12:22:30: %SEC-6-IPACCESSLOGP: list 110 denied tcp 10.2.1.6(80) > (Serial0 > *PPP*) -> 216.64.1.144(1319), 4 packets > ---snip > > Thanks -- Thank you; |--------------------------------------------| | Thinking is a learned process so is UNIX | |--------------------------------------------| Henry R. Linneweh
|