North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: FTP Probes from Taiwan/China
- From: kysi ferul
- Date: Mon Sep 10 12:46:38 2001
FORMOSA from Jonathan Swift's "Gulliver!" Please see: "Two Babylons"
Gordon Ewasiuk <[email protected]> wrote:
On Today, mike harrison wrote: >> > Has anyone seen a dramatic increase in FTP probes/scans/bad stuff from >> > certain IP blocks in Taiwan or China? Specifically, 211/8, 61/8, and >> > 202/7. I'm logging over 7500 probes/hr right now. Is there a new >> > exploit out or something? >> > >> > Another network just surfaced: 210.82/15 > >I am getting lots of port 80'ish scans from those IP ranges. >and a few port 139, but I have not seen a port 21 (FTP) scan from anyone >in the last 30 minutes... while monitoring a /19 and a /20 locally.
Apprec. the info. Probes are falling off now. 25k in the last 6hrs (as of 1500hrs EST).
Not much in the grand scheme of things but more then I like. A couple of servers at this facility are being targeted - no sooner had I ACL'ed one block when probes from a new block to the same targets surfaced. In any event, the target servers are offline pending a close inspection.
Thanks to all that responded,
-Gordon
-------------------------------------------------- Gordon Ewasiuk, Certifed Sun Fanatic, Winstar VHC The REAL office number is here-----> 703.893.4901 Tired of BSODs, My Computer, and Code Red? http://www.sun.com/solaris/binaries/ -------------------------------------------------
Kysi Ferul [email protected]
Do You Yahoo!?
Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger.
|