|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Can anyone identify this?
From: Brian Burns (bburns
MARKVII.COM)Date: Mon Jul 31 2000 - 13:25:11 CDT
- Next message: Greg A. Woods: "Re: Assistance and advice request"
- Previous message: Yury Bokhoncovich: "Re: FW: SANS FLASH: New Trojan Sending Data To Russia"
- Next in thread: Brian Burns: "Re: Can anyone identify this?"
- Reply: Brian Burns: "Re: Can anyone identify this?"
- Reply: Jason Lewis: "Re: Can anyone identify this?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I have just been forwarded this log from a friend's sonicwall.. It appears
that this traffic has been repeating itself (24x7) for over a week. I think
that this might be a coordinated scan, or maybe a DOS attack against a third
party? Is anyone aware of any trojans or probes that are affected on port 3?
Any help for this newbie is appreciated...
07/31/2000 11:36:45.784 - ICMP packet dropped - Source:x.x.x.85, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:36:47.304 - ICMP packet dropped - Source:x.x.x.81, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:36:48.864 - ICMP packet dropped - Source:x.x.x.69, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:36:50.384 - ICMP packet dropped - Source:x.x.x.85, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:36:59.576 - ICMP packet dropped - Source:x.x.x.81, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:37:05.688 - ICMP packet dropped - Source:x.x.x.85, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:37:07.288 - ICMP packet dropped - Source:x.x.x.81, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:37:08.768 - ICMP packet dropped - Source:x.x.x.85, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:37:10.288 - ICMP packet dropped - Source:x.x.x.81, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:37:11.864 - ICMP packet dropped - Source:x.x.x.69, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:37:14.864 - ICMP packet dropped - Source:x.x.x.81, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:37:16.480 - ICMP packet dropped - Source:x.x.x.85, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:37:19.496 - ICMP packet dropped - Source:x.x.x.69, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:37:22.576 - ICMP packet dropped - Source:x.x.x.81, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:37:24.096 - ICMP packet dropped - Source:x.x.x.69, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:37:25.656 - ICMP packet dropped - Source:x.x.x.81, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
07/31/2000 11:37:27.192 - ICMP packet dropped - Source:x.x.x.85, 3,
WAN - Destination:<my ip>, 3, LAN - 'Dest Unreachable' - Rule 0
- Next message: Greg A. Woods: "Re: Assistance and advice request"
- Previous message: Yury Bokhoncovich: "Re: FW: SANS FLASH: New Trojan Sending Data To Russia"
- Next in thread: Brian Burns: "Re: Can anyone identify this?"
- Reply: Brian Burns: "Re: Can anyone identify this?"
- Reply: Jason Lewis: "Re: Can anyone identify this?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]