From owner-freebsd-questions Fri Dec 3 18:44:13 1999 Delivered-To: freebsd-questions@freebsd.org Received: from shorty.ahpcns.com (joemoore-host.dsl.visi.com [209.98.246.61]) by hub.freebsd.org (Postfix) with ESMTP id 4E10014D2F for ; Fri, 3 Dec 1999 18:44:09 -0800 (PST) (envelope-from jomor@ahpcns.com) Received: from ahpcns.com (localhost [127.0.0.1]) by shorty.ahpcns.com (Postfix) with ESMTP id E352E1AD for ; Fri, 3 Dec 1999 20:43:06 -0600 (CST) Message-ID: <38487FBA.58DACD7B@ahpcns.com> Date: Sat, 04 Dec 1999 02:43:06 +0000 From: jomor Organization: ahpcns X-Mailer: Mozilla 4.61 [en] (X11; I; Linux 2.0.36 i386) X-Accept-Language: en MIME-Version: 1.0 To: "questions@freebsd.org" Subject: Re: Portsentry-Attacks? References: <9912030336420S.00269@FBob.wt.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Since all of these are for port 80, I'd tend to think that there is a website with a screwed-up link pointing to your box. Most of the scans that I see happening to my network are for port 111. HTH ...jgm BobF wrote: > If this query is posted to the wrong list, please advise. > > Being a bit paranoid in this day and age I installed Portsentry to see > what/who was trying to connect to my box. The results were a bit of a > shock and I am wondering if the reported attacks are in fact real. Here > is a sample of the blocked file generated by Portsentry: > > 944019385 - 11/30/99 21:36:25 Host: 98A903CE.ipt.aol.com/152.169.3.206 Port: 80 Blocked > 944019618 - 11/30/99 21:40:18 Host: p3E9EDDA4.dip.t-dialin.net/62.158.221.164 Port: 80 Blocked > 944020530 - 11/30/99 21:55:30 Host: dial56050.mtu-net.ru/195.34.56.50 Port: 80 Blocked > SNIP... > Anyone have any input as to the authenticity of the alleged > "attacks" ? > > BobF > > Email: FBob@WT.NET > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message