Date: Sun, 12 Feb 2017 12:18:09 -0500
From: sixto areizaga <thenewcq@optimum.net>
To: freebsd-questions@freebsd.org, jon@radel.com
Subject: Re: wireshark issue
Message-ID: <20170212121809.5bf28626@newer.home>
In-Reply-To: <c2dd4d2c-0e7c-42f0-9eef-2cb734421767@radel.com>
References: <CAKM9q91KKxtqXRTG84Szefww%2BR--S1A7wvgSx5LV3jNS90=4qw@mail.gmail.com> <20170209174405.5d551b88@newer.home> <c2dd4d2c-0e7c-42f0-9eef-2cb734421767@radel.com>

I cut all the answers short, hoping that you read to the bottom.

> On 2/9/17 5:44 PM, sixto areizaga wrote:
> > Has anyone experienced something similar or have any info about the
> > following using wireshark...
> > < SNIP>
> >
> > anyone have a similar problem?

> On Thu, 09 Feb 2017 18:22:23 -0500 Jon Radel <jon@radel.com> wrote:

> Somebody already answered the first time you asked this question. Why
> ask again?

I didn't. The first time I wrote it, it never posted, but a different post did. So I resent it. At which point, they BOTH appeared.

Dude, ...why so hostile? It's a whole lot simpler than that. Maybe a glitch in my email program. Thinking about posting about it.

> Yes, there are people out on the Internet who constantly scan ipv4 < SNIP >
> at large--

This is obvious - I am actually looking for an exploit. The thing I need to do is rule out wireshark.

> just look at the log of failed connection attempts or fire
> up a copy of wireshark.

I don't understand? We WERE talking about wireshark?!?

> If you don't like it, block the traffic using a firewall. You can <SNIP >

I just blocked it altogether. And no I don't like it.

> Really, the only part of your question that *I* find remotely
> interesting is how you determined that the client is actually a copy
> of putty running on a mobile device, or at least looks like it is?

Two things I found interesting. The first is that you suggested I use wireshark. When Wireshark was what informed me it was putty. Which is starting to look like ....the second thing I found interesting, Why so hostile?

Wireshark gave me an IP and that the connection was from putty, Whois and google told me that it's a mobile communications company.... nmap gave me: Ports open include some windows ports...

conclusion: A port scanning script running off some windows laptop or tablet, exploiting putty. on a network which seems to come from China.

[China] which means ....Someone in my neighborhood is passing around hacking software to the "kiddies" ...again. YES, a pattern on my network. (and with *my* neighbors)

Please, keep all that hostility to yourself! As far as what you typed above about ...putty being interesting, I thought you were actually gonna give me more insight on my issue?!?

> Somebody already answered the first time you asked this question.

Honestly? ....look I am deleting what I originally wrote for the response, the world has enough negativity in it already, I ain't gonna add to it.