Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 20 Jul 2001 20:17:59 -0500
From:      David Powers <dnpowers@swbell.net>
To:        freebsd-security@freebsd.org
Subject:   Recent probes
Message-ID:  <00b401c11182$fb2f8260$0401a8c0@swbell.net>
next in thread | raw e-mail | index | archive | help 
I have been getting a rash of probes to TCP/80 recently, is there a recent
issue that they might be trying to exploit?  Below is the data on the probes
origination.

/kernel: ipfw: 65435 Deny TCP 203.126.35.77:2543 64.218.90.203:80 in via
tun0

; <<>> DiG 8.3 <<>> -x
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;;      77.35.126.203.in-addr.arpa, type = ANY, class = IN

;; AUTHORITY SECTION:
35.126.203.in-addr.arpa.  1D IN SOA  dnspri.singnet.com.sg.
hostmaster.singnet.com.sg. (
                                        2000101700      ; serial
                                        30M             ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum

inetnum:     203.126.35.64 - 203.126.35.95
netname:     SUNRIGHT-SG
descr:       SunRight Limited
descr:       1093 Lower Delta Road
descr:       #02-01/08
descr:       Singapore 169204
country:     SG
admin-c:     SAT1-AP
tech-c:      SH9-AP
rev-srv:     dnssec1.singnet.com.sg
rev-srv:     dnssec2.singnet.com.sg
rev-srv:     dnssec3.singnet.com.sg
notify:      hostmaster@singnet.com.sg
mnt-by:      MAINT-SG-SINGNET
changed:     hostmaster@singnet.com.sg 20001016
source:      APNIC

person:      Sim Ah Tee
address:     SunRight Limited
address:     1093 Lower Delta Road
address:     #02-01/08
address:     Singapore 169204
phone:       +65 3749553
fax-no:      +65 2768426
e-mail:      srmis@pacific.net.sg
nic-hdl:     SAT1-AP
notify:      hostmaster@singnet.com.sg
mnt-by:      MAINT-SG-SINGNET
changed:     hostmaster@singnet.com.sg 20001016
source:      APNIC

person:      SingNet Hostmaster
address:     SingNet Engineering & Operations
address:     2 Stirling Road
address:     #03-00 Queenstown Exchange
address:     Singapore 148943
phone:       +65 7845922
fax-no:      +65 4753273
e-mail:      hostmaster@singnet.com.sg
nic-hdl:     SH9-AP
notify:      hostmaster@singnet.com.sg
mnt-by:      MAINT-SG-SINGNET
changed:     hostmaster@singnet.com.sg 20000921
source:      APNIC


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00b401c11182$fb2f8260$0401a8c0>