Security Incidents mailing list archives
Re: Attempted port scans.
From: lwcashd () BIW COM (Larry W. Cashdollar)
Date: Wed, 12 Jan 2000 15:43:53 -0500
Check this out guys. I seem to get these once or twice a day on my test machines. They are in a lab but exposed to the net. I run Nukenabber on them and it blocks their scans and gives me this log. I wonder, is there any point to me following up with ISPs on this type of thing? Obviously the person didn't get anywhere. Maybe its time to put in that FW-1 installation on my test network..........
1080 is socks, they scan for that port to see if they can relay off of it. This is done to hide their true IP address... -- Larry
Current thread:
- Re: Attempted port scans. Larry W. Cashdollar (Jan 12)