lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <686f76265a.6265a686f7@bigpond.com> From: rocco.s at telstra.com (rocco.s) Subject: Re: updated 135/tcp log counter mrtg image > Is the graph total packets logged or unique IPs? Thanks. Trying to > get a handle on the spread... total port 135 tcp/syn. therefore spread fairly linear from what were seeing. setting up blackholes on 135 and 4444 then using ngrep 'tftp -i' (port 4444 attempt only occurs if attacking host gets a connect for 135/tcp), yields differant results, showing approx 2.5% of traffic is non 'blast/poza/rant', but simple sweeps for 135/tcp. using awk/uniq, i get 794 hosts from 5755 attempts @ 15:05 AEST. ---------------- Powered by telstra.com
Powered by blists - more mailing lists