Date: Sat, 15 Aug 1998 01:55:01 -0400 (EDT) From: Scott <sevn@336.net> To: Roger Marquis <marquis@roble.com> Cc: security@FreeBSD.ORG Subject: Re: Scans to ports 1090 and 1080 Message-ID: <Pine.BSF.3.96.980815015425.16115C-100000@locnar.336.net> In-Reply-To: <Pine.SUN.3.96.980814214044.12358B-100000@roble.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This would be script kiddies looking for an open wingate to exploit. Scott Malek's Law: Any simple idea will be worded in the most complicated way. On Fri, 14 Aug 1998, Roger Marquis wrote: > Has anyone heard of vulnerabilities on ports 1080 or 1090? These look > like straight scans otherwise. > > Roger Marquis > Roble Systems Consulting > http://www.roble.com/ > > >Aug 13 04:40:37 local0 13 deny: TCP from 207.139.170.105.16028 to 205.7.40.2.1080 seq 626CE99, ack 0x0, win 512, SYN > >Aug 13 04:40:37 local1 /kernel: Connection attempt to TCP 205.7.40.21:1080 from 207.139.170.105:16348 > >Aug 13 04:40:37 local1 /kernel: Connection attempt to TCP 205.7.40.26:1080 from 207.139.170.105:16448 > >Aug 13 04:40:37 local1 /kernel: Connection attempt to TCP 205.7.40.32:1080 from 207.139.170.105:16973 > >Aug 13 04:40:37 local1 /kernel: Connection attempt to TCP 205.7.40.33:1080 from 207.139.170.105:17008 > >Aug 13 04:40:37 local1 /kernel: Connection attempt to TCP 205.7.40.34:1080 from 207.139.170.105:17009 > >Aug 13 04:40:37 local1 /kernel: Connection attempt to TCP 205.7.40.35:1080 from 207.139.170.105:17022 > >Aug 13 04:40:37 local1 /kernel: Connection attempt to TCP 205.7.40.41:1080 from 207.139.170.105:17218 > >Aug 13 04:40:39 local1 /kernel: Connection attempt to TCP 205.7.40.255:1080 from 207.139.170.105:20991 > >Aug 14 21:17:54 local0 13 deny: TCP from 24.128.144.110.18556 to 205.7.40.2.1090 seq DFDFBE08, ack 0x0, win 512, SYN > >Aug 14 21:17:55 local /kernel: Connection attempt to TCP 205.7.40.21:1090 from 24.128.144.110:18627 > >Aug 14 21:17:55 local /kernel: Connection attempt to TCP 205.7.40.26:1090 from 24.128.144.110:18769 > >Aug 14 21:17:55 local /kernel: Connection attempt to TCP 205.7.40.61:1090 from 24.128.144.110:19383 > >Aug 14 21:17:55 local /kernel: Connection attempt to TCP 205.7.40.52:1090 from 24.128.144.110:19363 > >Aug 14 21:19:49 local3 /kernel: Connection attempt to TCP 205.7.40.63:1090 from 24.128.144.110:19474 > >Aug 14 21:17:55 local /kernel: Connection attempt to TCP 205.7.40.53:1090 from 24.128.144.110:19375 > >Aug 14 21:17:55 local /kernel: Connection attempt to TCP 205.7.40.54:1090 from 24.128.144.110:19376 > >Aug 14 21:17:55 local /kernel: Connection attempt to TCP 205.7.40.55:1090 from 24.128.144.110:19377 > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980815015425.16115C-100000>