North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: FTP Probes from Taiwan/China
- From: kysi ferul
- Date: Mon Sep 10 12:46:38 2001
FORMOSA from Jonathan Swift's "Gulliver!" Please see: "Two Babylons"
Gordon Ewasiuk <[email protected]> wrote:
On Today, mike harrison wrote:
>> > Has anyone seen a dramatic increase in FTP probes/scans/bad stuff from
>> > certain IP blocks in Taiwan or China? Specifically, 211/8, 61/8, and
>> > 202/7. I'm logging over 7500 probes/hr right now. Is there a new
>> > exploit out or something?
>> >
>> > Another network just surfaced: 210.82/15
>
>I am getting lots of port 80'ish scans from those IP ranges.
>and a few port 139, but I have not seen a port 21 (FTP) scan from anyone
>in the last 30 minutes... while monitoring a /19 and a /20 locally.
Apprec. the info. Probes are falling off now. 25k in the last 6hrs
(as of 1500hrs EST).
Not much in the grand scheme of things but more then I like. A couple of
servers at this facility are being targeted - no sooner had I ACL'ed
one block when probes from a new block to the same targets surfaced. In
any event, the target servers are offline pending a close inspection.
Thanks to all that responded,
-Gordon
--------------------------------------------------
Gordon Ewasiuk, Certifed Sun Fanatic, Winstar VHC
The REAL office number is here-----> 703.893.4901
Tired of BSODs, My Computer, and Code Red?
http://www.sun.com/solaris/binaries/
-------------------------------------------------
Kysi Ferul [email protected]
Do You Yahoo!?
Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger.
|