Security Incidents mailing list archives
RE: UDP port 500 traffic from two clients
From: "McCammon, Keith" <Keith.McCammon () eadvancemed com>
Date: Mon, 28 Jan 2002 13:56:32 -0500
Chris, It is most likely a VPN attempt. Could be malicious, could be a misconfigured client trying to reconnect/authenticate at a set interval, etc. The best thing that you can do is drop the packets and forget about them. There is little chance that either ISP will investigate (or even respond, for that matter). And, even though it's annoying, it isn't illegal to try and connect to a public system in most cases. Cheers Keith -----Original Message----- From: Chris Wilkes [mailto:cwilkes () ladro com] Sent: Monday, January 28, 2002 11:27 AM To: incidents () securityfocus com Subject: UDP port 500 traffic from two clients ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- UDP port 500 traffic from two clients Chris Wilkes (Jan 28)
- Re: UDP port 500 traffic from two clients Glen Mehn (Jan 28)
- Re: UDP port 500 traffic from two clients Gary Flynn (Jan 28)
- Re: UDP port 500 traffic from two clients Hugo van der Kooij (Jan 28)
- <Possible follow-ups>
- RE: UDP port 500 traffic from two clients McCammon, Keith (Jan 28)
- RE: UDP port 500 traffic from two clients Toni Heinonen (Jan 28)
- RE: UDP port 500 traffic from two clients Greg A. Woods (Jan 28)
- RE: UDP port 500 traffic from two clients Fernando Cardoso (Jan 29)
- RE: UDP port 500 traffic from two clients Greg A. Woods (Jan 29)
- RE: UDP port 500 traffic from two clients Greg A. Woods (Jan 28)