Date: Fri, 20 Jul 2001 20:17:59 -0500 From: David Powers <dnpowers@swbell.net> To: freebsd-security@freebsd.org Subject: Recent probes Message-ID: <00b401c11182$fb2f8260$0401a8c0@swbell.net>
next in thread | raw e-mail | index | archive | help
I have been getting a rash of probes to TCP/80 recently, is there a recent issue that they might be trying to exploit? Below is the data on the probes origination. /kernel: ipfw: 65435 Deny TCP 203.126.35.77:2543 64.218.90.203:80 in via tun0 ; <<>> DiG 8.3 <<>> -x ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUERY SECTION: ;; 77.35.126.203.in-addr.arpa, type = ANY, class = IN ;; AUTHORITY SECTION: 35.126.203.in-addr.arpa. 1D IN SOA dnspri.singnet.com.sg. hostmaster.singnet.com.sg. ( 2000101700 ; serial 30M ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum inetnum: 203.126.35.64 - 203.126.35.95 netname: SUNRIGHT-SG descr: SunRight Limited descr: 1093 Lower Delta Road descr: #02-01/08 descr: Singapore 169204 country: SG admin-c: SAT1-AP tech-c: SH9-AP rev-srv: dnssec1.singnet.com.sg rev-srv: dnssec2.singnet.com.sg rev-srv: dnssec3.singnet.com.sg notify: hostmaster@singnet.com.sg mnt-by: MAINT-SG-SINGNET changed: hostmaster@singnet.com.sg 20001016 source: APNIC person: Sim Ah Tee address: SunRight Limited address: 1093 Lower Delta Road address: #02-01/08 address: Singapore 169204 phone: +65 3749553 fax-no: +65 2768426 e-mail: srmis@pacific.net.sg nic-hdl: SAT1-AP notify: hostmaster@singnet.com.sg mnt-by: MAINT-SG-SINGNET changed: hostmaster@singnet.com.sg 20001016 source: APNIC person: SingNet Hostmaster address: SingNet Engineering & Operations address: 2 Stirling Road address: #03-00 Queenstown Exchange address: Singapore 148943 phone: +65 7845922 fax-no: +65 4753273 e-mail: hostmaster@singnet.com.sg nic-hdl: SH9-AP notify: hostmaster@singnet.com.sg mnt-by: MAINT-SG-SINGNET changed: hostmaster@singnet.com.sg 20000921 source: APNIC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00b401c11182$fb2f8260$0401a8c0>