portsentry a divne pristupy na web

ing.Nadìžda Šimková simek at autosklo.cz
Thu Aug 29 10:59:46 CEST 2002 

-----Pùvodní zpráva-----
Od: Tom Z. Meinlschmidt <tm at salome.datron.cz>
Komu: net at cs.felk.cvut.cz <net at cs.felk.cvut.cz>
Datum: 15. srpna 2002 11:15
Pøedmìt: portsentry a divne pristupy na web


>Dobry den,
>
>docela casto se mi posledni dobou stava, ze mi cizi stroj nejdrive 'sahne'
na
>ruzne porty, a pak se mi pripoji na http .. pricemz to delaji i duveryhodne
>stroje, u kterych vim, ze by to nejaky scan nebyl.. portsentry pise tuto:
>
>
>Aug 15 10:34:39 salome portsentry[407]: attackalert: SYN/Normal scan from
host: 195.128.198.216/195.128.198.216 to TCP port: 248
>Aug 15 10:34:40 salome kernel: Packet log: input DENY eth0 PROTO=6
195.128.198.216:62831 194.212.10.138:80 L=40 S=0x00 I=22437 F=0x4000 T=119
(#1)
>
>Aug 15 09:33:09 salome portsentry[407]: attackalert: SYN/Normal scan from
host: plzenb-65.dialup.vol.cz/62.177.85.65 to TCP port: 48
>Aug 15 09:33:10 salome kernel: Packet log: input DENY eth0 PROTO=6
62.177.85.65:2847 194.212.10.137:80 L=40 S=0x00 I=46023 F=0x4000 T=120 (#1)
>
>Aug 14 20:22:20 salome portsentry[407]: attackalert: SYN/Normal scan from
host: a252-147.dialup.iol.cz/194.228.147.252 to TCP port: 592
>Aug 14 20:22:20 salome kernel: Packet log: input DENY eth0 PROTO=6
194.228.147.252:1112 194.212.10.138:80 L=40 S=0x00 I=4358 F=0x4000 T=119
(#1)
>
>vubec nechapu, proc to na ty porty zkousi lezt - nic na nich nebezi..
>portsentry tu adresu samozrejme blokne, takze ja ji pak musim zase rucne
>povolovat, a uz me to docela stve.
>
>diky
>
>TM
>--
>===========================================================================
====
>Tomas Meinlschmidt, SBN3, MCT, MCP, MCP+I, MCSE, NetApp Filer & NetCache
>Datron s.r.o., Vachkova 3008, 470 01 Ceska Lipa, 0425/834 421, f: 834 425
>GCS d-(?) s: a- C++ ULHISC*++++$ P+++>++++ L+++$>++++ E--- W+++$ N++(+) !o
>    !K w(---) !O !M V PS+ PE Y+ PGP++ t+@ !5 X? R tv b+ !DI D+ G e>+++
>    h---- r+++ z+++@
>===========================================================================
====
>
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Dobr? den.doc
Type: application/msword
Size: 19456 bytes
Desc: not available
Url : http://lists.felk.cvut.cz/pipermail/net/attachments/20020829/8eb2ad01/attachment.doc

More information about the net mailing list