lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: jlay at ameriben.com (James Lay)
Subject: Daily mass scan from APNIC?

Heh...I get this every morning like clockwork:

Sep 11 07:46:30 gateway snort: Portscan detected from 220.72.57.52
Talker(fixed: 0 sliding: 0) Scanner(fixed: 5 sliding: 5) 
Sep 11 07:46:31 gateway snort: Portscan detected from 220.72.57.52
Talker(fixed: 2 sliding: 2) Scanner(fixed: 20 sliding: 20) 
Sep 11 07:46:33 gateway snort: Portscan detected from 220.120.165.204
Talker(fixed: 1 sliding: 1) Scanner(fixed: 5 sliding: 5) 
Sep 11 07:46:33 gateway snort: Portscan detected from 61.85.92.237
Talker(fixed: 1 sliding: 1) Scanner(fixed: 5 sliding: 5) 
Sep 11 07:46:34 gateway snort: Portscan detected from 220.120.165.204
Talker(fixed: 2 sliding: 2) Scanner(fixed: 20 sliding: 20) 
Sep 11 07:46:41 gateway snort: Portscan detected from 222.103.9.13
Talker(fixed: 1 sliding: 1) Scanner(fixed: 5 sliding: 5) 
Sep 11 07:46:42 gateway snort: Portscan detected from 222.103.9.13
Talker(fixed: 2 sliding: 2) Scanner(fixed: 20 sliding: 20) 
Sep 11 07:46:43 gateway snort: Portscan detected from 221.156.232.234
Talker(fixed: 0 sliding: 0) Scanner(fixed: 5 sliding: 5) 
Sep 11 07:46:44 gateway snort: Portscan detected from 221.156.232.234
Talker(fixed: 1 sliding: 1) Scanner(fixed: 20 sliding: 20) 
Sep 11 07:46:50 gateway snort: Portscan detected from 221.155.158.165
Talker(fixed: 1 sliding: 1) Scanner(fixed: 5 sliding: 5) 
Sep 11 07:46:53 gateway snort: Portscan detected from 221.155.158.165
Talker(fixed: 2 sliding: 2) Scanner(fixed: 20 sliding: 20) 
Sep 11 07:47:09 gateway snort: Portscan detected from 221.152.85.62
Talker(fixed: 1 sliding: 1) Scanner(fixed: 5 sliding: 5) 
Sep 11 07:47:10 gateway snort: Portscan detected from 221.152.85.62
Talker(fixed: 2 sliding: 2) Scanner(fixed: 20 sliding: 20) 
Sep 11 07:47:16 gateway snort: Portscan detected from 220.221.11.189
Talker(fixed: 0 sliding: 0) Scanner(fixed: 5 sliding: 5) 
Sep 11 07:47:17 gateway snort: Portscan detected from 220.221.11.189
Talker(fixed: 2 sliding: 2) Scanner(fixed: 20 sliding: 20) 
Sep 11 07:47:18 gateway snort: Portscan detected from 220.221.11.189
Talker(fixed: 10 sliding: 10) Scanner(fixed: 24 sliding: 24) 
Sep 11 07:47:28 gateway snort: Portscan detected from 220.77.225.211
Talker(fixed: 1 sliding: 1) Scanner(fixed: 5 sliding: 5) 
Sep 11 07:47:29 gateway snort: Portscan detected from 220.77.225.211
Talker(fixed: 2 sliding: 2) Scanner(fixed: 20 sliding: 20) 

Anyone else seeing these?

James Lay
Network Manager/Security Officer
AmeriBen Solutions/IEC Group
Deo Gloria!!!

Powered by blists - more mailing lists