Fairly rude surprise in logs this AM -- possible DoS attempt?
David Wolfskill
david at catwhisker.org
Mon Jan 19 19:48:08 PST 2004
>To: baylisa at baylisa.org
>Date: Mon, 19 Jan 2004 13:14:18 -0800
>From: "Wolfgang S. Rupprecht" <wolfgang+gnus-baylisa at dailyplanet.dontspam.wsrcc.com>
>Subject: Re: Fairly rude surprise in logs this AM -- possible DoS attempt?
>Sender: owner-baylisa at baylisa.org
>Could it be related to the new "bagel" microsoft-virus? The following
>article mentions that it tries to connect to remote web sites and also
>to port 6667/tcp.
I didn't see much as far as poking at my Web server, and the target
ports were all over the place (though all 83610 were TCP, vs. UDP); only
3 were to 6667/tcp.
>> Anyone else have similar experiences of late?
>Nothing that far out of the ordinary. Just the usual 500 per day of
>137/udp and a few dozen random ports.
137/udp is one of those I don't even log (though I do get a count every
24 hrs., I don't tend to dwell on it).
Only response so far from zonnet.nl was the auto-response.
Peace,
david
--
David H. Wolfskill david at catwhisker.org
I do not "unsubscribe" from email "services" to which I have not explicitly
subscribed. Rather, I block spammers' access to SMTP servers I control,
and encourage others who are in a position to do so to do likewise.
More information about the Baylisa
mailing list