From owner-freebsd-security Tue Jul 14 21:41:30 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id VAA14506 for freebsd-security-outgoing; Tue, 14 Jul 1998 21:41:30 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from aniwa.sky (aniwa.actrix.gen.nz [203.96.56.186]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id VAA14501 for ; Tue, 14 Jul 1998 21:41:24 -0700 (PDT) (envelope-from andrew@squiz.co.nz) Received: from localhost (andrew@localhost) by aniwa.sky (8.8.7/8.8.7) with SMTP id QAA01161; Wed, 15 Jul 1998 16:40:15 +1200 (NZST) (envelope-from andrew@squiz.co.nz) Date: Wed, 15 Jul 1998 16:40:15 +1200 (NZST) From: Andrew McNaughton X-Sender: andrew@aniwa.sky Reply-To: andrew@squiz.co.nz To: Hallam Oaks P/L list account cc: " >" Subject: Re: Large-scale scan of SNMP ports In-Reply-To: <199807140640.QAA24610@mail.aussie.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I can confirm that it's large scale. I saw this on my machine in the 203.96 network. I saw another suspicious SNMP packet arrive a week or two ago also. On Tue, 14 Jul 1998, Hallam Oaks P/L list account wrote: > Yesterday I detected what appears to be a large-scale scan of the 203.36 and > 203.29 networks, coming from what appears to be a host connected to a local > Australian provider. The host did not respond to traceroute, even at the time > that the scan was taking place, so it's presumably behind a firewall. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message