Security Incidents mailing list archives
port 1150 and 4833 ?
From: kim () CHROM IMBG KU DK (Kim R. Rasmussen)
Date: Tue, 4 Jan 2000 23:54:17 +0100
Hello! I've had some odd port scannings lately going primarily to port 1150 and 4833. I haven't been succesful in finding out what could be of interest on those ports. Anyone with ideas ? Snippets included. Best regards, Kim Rasmussen ---[ IP numbers left out ]--- Dec 30 08:43:17 sentryhost kernel: Packet log: input DENY eth0 PROTO=6 a.b.c.d:4328 w.x.y.z:111 L=40 S=0x00 I=38248 F=0x400 0 T=47 Dec 30 08:43:20 sentryhost kernel: Packet log: input DENY eth0 PROTO=6 a.b.c.d:4328 w.x.y.z:111 L=40 S=0x00 I=38524 F=0x400 0 T=47 Dec 30 08:43:22 sentryhost kernel: Packet log: input DENY eth0 PROTO=6 a.b.c.d:113 w.x.y.z:1150 L=44 S=0x00 I=38559 F=0x000 0 T=47 Dec 30 08:43:25 sentryhost kernel: Packet log: input DENY eth0 PROTO=6 a.b.c.d:113 w.x.y.z:1150 L=44 S=0x00 I=38878 F=0x000 0 T=47 Dec 30 08:43:26 sentryhost kernel: Packet log: input DENY eth0 PROTO=6 a.b.c.d:4328 w.x.y.z:111 L=40 S=0x00 I=39129 F=0x400 0 T=47 Dec 30 08:43:31 sentryhost kernel: Packet log: input DENY eth0 PROTO=6 a.b.c.d:113 w.x.y.z:1150 L=44 S=0x00 I=39699 F=0x000 ---[ IP numbers left out ]--- Jan 4 16:23:22 sentryhost kernel: Packet log: input DENY eth0 PROTO=6 a.b.c.d:1237 w.x.y.z:111 L=52 S=0x00 I=14461 F=0x4 000 T=50 Jan 4 16:23:22 sentryhost kernel: Packet log: input DENY eth0 PROTO=6 a.b.c.d:113 w.x.y.z:4833 L=52 S=0x00 I=14462 F=0x4 000 T=50 Jan 4 16:23:25 sentryhost kernel: Packet log: input DENY eth0 PROTO=6 a.b.c.d:113 w.x.y.z:4833 L=52 S=0x00 I=15933 F=0x4 000 T=50 Jan 4 16:23:27 sentryhost kernel: Packet log: input DENY eth0 PROTO=6 a.b.c.d:113 w.x.y.z:4833 L=87 S=0x00 I=16278 F=0x4 000 T=50 Jan 4 16:23:31 sentryhost kernel: Packet log: input DENY eth0 PROTO=6 a.b.c.d:113 w.x.y.z:4833 L=52 S=0x00 I=18807 F=0x4 000 T=50 Jan 4 16:23:43 sentryhost kernel: Packet log: input DENY eth0 PROTO=6 a.b.c.d:113 w.x.y.z:4833 L=52 S=0x00 I=23321 F=0x4 000 T=50 ---
Current thread:
- Re: ICMP time exceed in-transit packets White, Tim (Dec 31)
- Re: ICMP time exceed in-transit packets Chris Brenton (Jan 01)
- Re: ICMP time exceed in-transit packets Alain Thivillon (Jan 01)
- Re: ICMP time exceed in-transit packets Christopher Wilson (Jan 02)
- port 119 Dariusz Zmokly (Jan 03)
- Re: port 119 Robert Graham (Jan 03)
- Re: port 119 Thomas Molina (Jan 04)
- Re: port 119 Vince Vielhaber (Jan 05)
- Re: ICMP time exceed in-transit packets Alain Thivillon (Jan 01)
- Ports 25092 / 20869 Vanja Hrustic (Jan 04)
- Re: Ports 25092 / 20869 Robert Graham (Jan 04)
- port 1150 and 4833 ? Kim R. Rasmussen (Jan 04)
- Re: port 1150 and 4833 ? Frameloss, Frameloss (Jan 10)
- Re: ICMP time exceed in-transit packets Chris Brenton (Jan 01)
- Re: port 119 R a v e N (Jan 05)
- Re: port 119 Scott Laws (Jan 04)
- Writeup: it. TLD going astray Arrigo Triulzi (Jan 03)
- Computer Forsenics System Administrator (Jan 03)
- Re: Computer Forsenics-> www.fish.com/forensics mike (Jan 03)
- traceroute ICMP packets Laszlo Fabian (Jan 04)
- Re: traceroute ICMP packets M J (Jan 04)
- Re: traceroute ICMP packets Larry Canup (Jan 18)