From owner-freebsd-security  Fri Aug 14 21:42:34 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id VAA14848
          for freebsd-security-outgoing; Fri, 14 Aug 1998 21:42:34 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from roble.com (roble.com [207.5.40.50])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id VAA14841
          for <security@FreeBSD.ORG>; Fri, 14 Aug 1998 21:42:30 -0700 (PDT)
          (envelope-from sendmail@roble.com)
Received: from localhost (localhost [127.0.0.1]) by roble.com (Roble) with SMTP id VAA12395 for <security@FreeBSD.ORG>; Fri, 14 Aug 1998 21:41:59 -0700 (PDT)
Date: Fri, 14 Aug 1998 21:41:59 -0700 (PDT)
From: Roger Marquis <marquis@roble.com>
To: security@FreeBSD.ORG
Subject: Scans to ports 1090 and 1080
In-Reply-To: <Pine.BSF.3.96.980708051958.8079A-100000@Amnesiac.123.org>
Message-ID: <Pine.SUN.3.96.980814214044.12358B-100000@roble.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Has anyone heard of vulnerabilities on ports 1080 or 1090?  These look
like straight scans otherwise.

Roger Marquis
Roble Systems Consulting
http://www.roble.com/

>Aug 13 04:40:37 local0 13 deny: TCP from 207.139.170.105.16028 to 205.7.40.2.1080 seq 626CE99, ack 0x0, win 512, SYN 
>Aug 13 04:40:37 local1 /kernel: Connection attempt to TCP 205.7.40.21:1080 from 207.139.170.105:16348
>Aug 13 04:40:37 local1 /kernel: Connection attempt to TCP 205.7.40.26:1080 from 207.139.170.105:16448
>Aug 13 04:40:37 local1 /kernel: Connection attempt to TCP 205.7.40.32:1080 from 207.139.170.105:16973
>Aug 13 04:40:37 local1 /kernel: Connection attempt to TCP 205.7.40.33:1080 from 207.139.170.105:17008
>Aug 13 04:40:37 local1 /kernel: Connection attempt to TCP 205.7.40.34:1080 from 207.139.170.105:17009
>Aug 13 04:40:37 local1 /kernel: Connection attempt to TCP 205.7.40.35:1080 from 207.139.170.105:17022
>Aug 13 04:40:37 local1 /kernel: Connection attempt to TCP 205.7.40.41:1080 from 207.139.170.105:17218
>Aug 13 04:40:39 local1 /kernel: Connection attempt to TCP 205.7.40.255:1080 from 207.139.170.105:20991
>Aug 14 21:17:54 local0 13 deny: TCP from 24.128.144.110.18556 to 205.7.40.2.1090 seq DFDFBE08, ack 0x0, win 512, SYN 
>Aug 14 21:17:55 local /kernel: Connection attempt to TCP 205.7.40.21:1090 from 24.128.144.110:18627
>Aug 14 21:17:55 local /kernel: Connection attempt to TCP 205.7.40.26:1090 from 24.128.144.110:18769
>Aug 14 21:17:55 local /kernel: Connection attempt to TCP 205.7.40.61:1090 from 24.128.144.110:19383
>Aug 14 21:17:55 local /kernel: Connection attempt to TCP 205.7.40.52:1090 from 24.128.144.110:19363
>Aug 14 21:19:49 local3 /kernel: Connection attempt to TCP 205.7.40.63:1090 from 24.128.144.110:19474
>Aug 14 21:17:55 local /kernel: Connection attempt to TCP 205.7.40.53:1090 from 24.128.144.110:19375
>Aug 14 21:17:55 local /kernel: Connection attempt to TCP 205.7.40.54:1090 from 24.128.144.110:19376
>Aug 14 21:17:55 local /kernel: Connection attempt to TCP 205.7.40.55:1090 from 24.128.144.110:19377
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message