Date: Mon, 27 Jan 2003 09:44:53 -0600 From: "Kenzo" <kenzo_chin@hotmail.com> To: <freebsd-questions@FreeBSD.ORG> Subject: snmp probe? Message-ID: <DAV67gCVmRDgcFObuIh00017bf0@hotmail.com>
next in thread | raw e-mail | index | archive | help
I posted this on freebsd forum but didn't get any responces, just alot people viewing it. Maybe I'm missing something or this is such a stupid question that no one want to reply. so I'll try it in here. "I just installed portsentry to play with, and after 10 min of setting it on the network I get probe. looking at the message log this is what I see. portsentry[236]: attackalert: Connect from host: 10.x.x.x/10.x.x.x to UDP port: 161 That's the snmp port. the address that it's comming from is just a workstation. Now why would a regular workstation probe me on the snmp port? What could it be? Is it a program on the computer trying to look for a device on the network like a jetdirect? Or virus, trojan trying to spread?" I guess I just want to know why it's doing this, and how to prevent it. It may not be a virus or trojan, but it uses bandwidt to broadcast and I just dont like that. Thanks. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?DAV67gCVmRDgcFObuIh00017bf0>