Date: Thu, 21 Jan 1999 12:36:59 -0600 From: Anthony Kim <anthony@enteract.com> To: andrew@squiz.co.nz Cc: "security@FreeBSD.ORG" <security@FreeBSD.ORG> Subject: Re: TCP port question IPFW Message-ID: <36A773CB.166983C@enteract.com> References: <Pine.BSF.4.05.9901212359090.323-100000@aniwa.sky>
next in thread | previous in thread | raw e-mail | index | archive | help
I've tried the well known services. Nothing doing. Why people bother -- I've no important data<G> -- that's what I'd like to know. Andrew McNaughton wrote: > > > I'm sort of annoyed...there is some IP who is constantly filling up my > > ipfw logs with TCP port 1719 attempts daily. The hours are late in the > > If you're annoyed by the log entries, but not concerned by them, then > don't log entries from their IP to that port. Among other things, this > sort of practice makes it more likely you'll see important log info. > Logging too much is a bad thing. OTOH, it can clutter your firewall > ruleset. > > > evening until around 2am, then it begins again shortly after 6pm (he or > > she must have come home from work and felt like bugging me). More > > recently I see requests for TCP port 1106 in my logs as well from them. > > A quick search on the web showed 1719 was h323gatestat. Can someone tell > > me what that is? I didn't find anything on TCP port 1106 either. Any > > info is greatly appreciated. Also, anyway I can track this person down? > > traceroute works but no hostname returns. > > You might be able to identify their service provider from other entries in > the traceroute. Also, doing a reverse lookup on other IP's in the same > class C network often clarifies who owns the network. > > It's often possible to connect to services like telnet, smtp, ftp and get > a machine name. This basically ammounts to a localised port scan. It's > easily justified, but I wonder if people ever get into trouble with their > ISP's as a result of it. > > Andrew > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- SYSADMIN(1) sysadmin takes care of everything, is generally harangued, must be supplied with coffee, chocolate, and alcohol in order to function properly, cannot be exposed to direct sunlight, and must not be allowed to have a life. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?36A773CB.166983C>