Firewall Wizards mailing list archives
Re: Port Scan from the source port 80?
From: Joe Dauncey <secdistlist () dauncey net>
Date: Wed, 12 Feb 2003 10:58:14 +0000
At 01:28 10/02/2003, OF UR BIZ NONE wrote:
Hello, I was wondering if port scan from port 80 is common. I do not have much experience with firewall, and do not know very much about analyzing logs.
It's possible that a webserver of other device behind a firewall has been compromised, and it's using the fact that the firewall allows port 80 outbound in order to perform it's malicious activity. Or it could be a tool that has been configured that way.
Joe Joe Dauncey PGP Key ID: 0xEAA034D4 *** I am not a lawyer and my opinions are my own *** _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Port Scan from the source port 80? OF UR BIZ NONE (Feb 10)
- Re: Port Scan from the source port 80? Paul D. Robertson (Feb 10)
- Re: Port Scan from the source port 80? ark (Feb 10)
- Re: Port Scan from the source port 80? Joe Dauncey (Feb 12)