| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1067436836.2219.1.camel@localhost> From: ebowser at i-trap.net (Eric Bowser) Subject: Fw: sharp increase on 27347/TCP The IDS sensors I have outside the firewall only detected SYN packets since the ports were blocked by the firewall. On Wed, 2003-10-29 at 00:28, SPAM wrote: > Same here.. but now it's dropping as fast as it raises.. did anyone manage > to capture what's inside? > > > ----- Original Message ----- > From: "Eric Bowser" <ebowser@...rap.net> > To: <full-disclosure@...ts.netsys.com> > Sent: Wednesday, October 29, 2003 4:51 AM > Subject: Re: [Full-Disclosure] sharp increase on 27347/TCP > > > > That's what I thought at first, but why the sudden interest in 27374 > > then? Also, incidents.org is showing 200+ sources... that a whole > > state's worth of dyslexic people... > > > > Incidents.org is now showing 1.1 million hits today alone. Something > > big just came out, but I can't figure out what... > > > > > > On Tue, 2003-10-28 at 16:09, Will Image wrote: > > > oh no its a dyslexic pereson scannin for Sub7!!! (27374) > > > > > > bah > > > > > > Joshua Levitsky <jlevitsk@...hie.com> wrote: > > > http://isc.incidents.org/port_details.html?port=27347 > > > > > > I'd say probably something is coming... that's a pretty sharp > > > spike on the > > > graph. > > > > > > -Josh > > > > > > -- > > > Joshua Levitsky, MCSE, CISSP > > > System Engineer > > > Time Inc. Information Technology > > > [5957 F27C 9C71 E9A7 274A 0447 C9B9 75A4 9B41 D4D1] > > > > > > ----- Original Message ----- > > > From: "Eric Bowser" > > > To: > > > Sent: Tuesday, October 28, 2003 12:44 PM > > > Subject: [Full-Disclosure] sharp increase on 27347/TCP > > > > > > > > > > I've noticed a sharp increase in probes of port 27347/TCP > > > against our > > > > equipment over the past couple of days. Zero hits for weeks, > > > 58 > > > > yesterday, and 224 so far today. Incidents.org seems to > > > confirm this, > > > > very light activity for weeks, and suddenly 781,000 > > > yesterday and > > > > 938,000 so far today. > > > > > > > &! gt; Has anybody else seen this? > > > > > > > > -- > > > > Eric J. Bowser > > > > 330.658.9858 direct > > > > 330.658.0123 fax > > > > > > > > i-TRAP Internet Security Services > > > > 888-658-TRAP toll-free > > > > 330.658.1040 local > > > > www.i-trap.net > > > > > > > > _______________________________________________ > > > > Full-Disclosure - We believe in it. > > > > Charter: > > > http://lists.netsys.com/full-disclosure-charter.html > > > > > > > > > > _______________________________________________ > > > Full-Disclosure - We believe in it. > > > Charter: http://lists.netsys.com/full-disclosure-charter.html > > > > > > ______________________________________________________________________ > > > Do you Yahoo!? > > > Exclusive Video Premiere - Britney Spears > > -- > > Eric J. Bowser > > 330.658.9858 direct > > 330.658.0123 fax > > > > i-TRAP Internet Security Services > > 888-658-TRAP toll-free > > 330.658.1040 local > > www.i-trap.net > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.netsys.com/full-disclosure-charter.html > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html -- Eric J. Bowser 330.658.9858 direct 330.658.0123 fax i-TRAP Internet Security Services 888-658-TRAP toll-free 330.658.1040 local www.i-trap.net
Powered by blists - more mailing lists