Firewall Wizards mailing list archives

Re: Port Scan from the source port 80?

From: Joe Dauncey <secdistlist () dauncey net>
Date: Wed, 12 Feb 2003 10:58:14 +0000

At 01:28 10/02/2003, OF UR BIZ NONE wrote:

Hello,

I was wondering if port scan from port 80 is common.
I do not have much experience with firewall,
and do not know very much about analyzing logs.

It's possible that a webserver of other device behind a firewall has beencompromised, and it's using the fact that the firewall allows port 80outbound in order to perform it's malicious activity. Or it could be a toolthat has been configured that way.


Joe

Joe Dauncey
PGP Key ID: 0xEAA034D4

*** I am not a lawyer and my opinions are my own ***

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Port Scan from the source port 80? OF UR BIZ NONE (Feb 10)
- Re: Port Scan from the source port 80? Paul D. Robertson (Feb 10)
- Re: Port Scan from the source port 80? ark (Feb 10)
- Re: Port Scan from the source port 80? Joe Dauncey (Feb 12)