Date: Sun, 16 May 1999 04:26:57 +0200 From: Harold Gutch <logix@foobar.franken.de> To: Peter Wemm <peter@netplex.com.au>, Kris Kennaway <kkennawa@physics.adelaide.edu.au> Cc: Matthew Dillon <dillon@apollo.backplane.com>, danny <danny@pentalpha.com.hk>, freebsd-security@FreeBSD.ORG Subject: Re: network scan? Message-ID: <19990516042657.A28280@foobar.franken.de> In-Reply-To: <19990515204158.C390F1F58@spinner.netplex.com.au>; from Peter Wemm on Sun, May 16, 1999 at 04:41:56AM %2B0800 References: <Pine.OSF.4.10.9905131211500.1222-100000@bragg> <19990515204158.C390F1F58@spinner.netplex.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, May 16, 1999 at 04:41:56AM +0800, Peter Wemm wrote: > Kris Kennaway wrote: > > On Wed, 12 May 1999, Matthew Dillon wrote: > > > > > :May 12 18:42:24 server /kernel: ipfw: 26000 Deny TCP 202.38.248.205:4359 > > > :a.b.c.1:1080 in via ed0 > > > :... > > > > > > I get this all the time from people scanning for netbios. I > > > usually just ignore them. If I'm in a bad mood I send a nasty gram > > > to the originating network. > > > > In this case they're looking for an open SOCKS proxy (so they can use it to > > In this particular case, it's a site in China. They have a heavily > censored internet gateway, and I see lots of probes from china (and other > areas in Asia that have enforced proxy use and heavily censored feeds) > looking for *:1080 (socks), *:3128 (squid) and *:8080 (squid and/or other > proxies including netscape). They are scanning for relays to bounce > connections off to bypass the censored feed. > Just to make sure I'm getting this right - you're saying China has a censored internet gateway (i.e. blocking *something* [what exactly ?] ), but they do allow connections to ports 1080, 3128 and 8080 ? bye, Harold -- <Shabby> Sleep is an abstinence syndrome wich occurs due to lack of caffein. Wed Mar 4 04:53:33 CET 1998 #unix, ircnet To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990516042657.A28280>