| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 18 Apr 2008 13:33:55 -0400 From: "Joey Mengele" <joey.mengele@...hmail.com> To: offbitz@...il.com, mcwidget@...il.com Cc: full-disclosure@...ts.grok.org.uk Subject: Re: lots of connections to 64.40.117.19 port 80 Dear Midget, On Fri, 18 Apr 2008 13:20:18 -0400 mcwidget <mcwidget@...il.com> wrote: >I think what he's saying is that the IP address listed belongs to >one of his >clients and they are receiving connections to port 80 on that IP >from all >over the internet; and asking why this would be happening. > >The obvious answer is because a process running on that IP is >listening on >that port. Really, any more detailed description than that, even >confirming >it's serving a website, is gonna require some packet grabs or info >on the >process listening on that port. Or both. This certainly would clear things up, but how do you propose that can be done? J -- Click to make millions by owning your own franchise. http://tagline.hushmail.com/fc/Ioyw6h4eB8rLlbcehhEXmrdWfNLVAOgPq6z5J89OI2heYeNVzJG4yc/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists