Firewall Wizards mailing list archives
Traffic identification
From: "W.C. Epperson" <epperson () alumni unc edu>
Date: Wed, 18 Dec 2002 12:15:52 -0500
This is a dial-up user on my network trying to get to something I can't identify at an address I can't find out much about. Does anyone recognize the traffic? Or have suggestions on researching this sort of thing? My old ways of searching on port number, etc., turn up so much noise I can't
sift through it. Dec 18 08:23:56 denied udp 141.104.10.222(9370) -> 207.114.130.6(375) Dec 18 08:24:56 denied udp 141.104.10.222(9370) -> 207.114.130.7(373) Dec 18 08:25:56 denied udp 141.104.10.222(9370) -> 207.114.130.7(371) Dec 18 08:26:03 denied tcp 141.104.10.222(3030) -> 207.114.130.7(483) Dec 18 08:26:56 denied udp 141.104.10.222(9370) -> 207.114.130.7(376) Dec 18 08:27:10 denied tcp 141.104.10.222(3033) -> 207.114.130.7(481) Dec 18 08:28:03 denied udp 141.104.10.222(9370) -> 207.114.130.7(370) Dec 18 08:29:03 denied udp 141.104.10.222(9370) -> 207.114.130.7(372) Dec 18 08:29:56 denied udp 141.104.10.222(9370) -> 207.114.130.7(373) Dec 18 08:30:15 denied tcp 141.104.10.222(3044) -> 207.114.130.7(482) Dec 18 08:31:56 denied udp 141.104.10.222(9370) -> 207.114.130.7(376) Dec 18 08:32:03 denied udp 141.104.10.222(9370) -> 207.114.130.7(375) Dec 18 08:32:56 denied tcp 141.104.10.222(3033) -> 207.114.130.7(481) Dec 18 08:33:16 denied tcp 141.104.10.222(3052) -> 207.114.130.6(485) Dec 18 08:33:46 denied tcp 141.104.10.222(3053) -> 207.114.130.7(485) Dec 18 08:33:56 denied tcp 141.104.10.222(3036) -> 207.114.130.7(486) Dec 18 08:34:02 denied udp 141.104.10.222(9370) -> 207.114.130.6(370) Dec 18 08:34:56 denied udp 141.104.10.222(9370) -> 207.114.130.6(375) Dec 18 08:35:09 denied tcp 141.104.10.222(3054) -> 207.114.130.7(480) Dec 18 08:35:39 denied tcp 141.104.10.222(3055) -> 207.114.130.6(480) Dec 18 08:35:56 denied tcp 141.104.10.222(3044) -> 207.114.130.7(482) Dec 18 08:37:56 denied udp 141.104.10.222(9370) -> 207.114.130.7(375) Dec 18 08:38:56 denied tcp 141.104.10.222(3052) -> 207.114.130.6(485) Dec 18 08:39:56 denied udp 141.104.10.222(9370) -> 207.114.130.6(370) Dec 18 08:40:56 denied tcp 141.104.10.222(3055) -> 207.114.130.6(480) _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Traffic identification W.C. Epperson (Dec 18)
- RE: Traffic identification Brian A Kee (Dec 18)
- RE: Traffic identification Bill Royds (Dec 18)
- RE: Traffic identification Christopher Hicks (Dec 19)
- Re: Traffic identification Jim Seymour (Dec 18)