|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: TCP connections to port 1024 - DDoS?
From: Arrigo Triulzi (arrigo
ALBOURNE.COM)Date: Tue Oct 24 2000 - 16:23:04 CDT
- Next message: Bowman, Kevin: "Re: TCP connections to port 1024 - DDoS?"
- Previous message: Wertheimer, Ishai: "VPN hijacking"
- In reply to: Turpin, Jason: "Re: TCP connections to port 1024 - DDoS?"
- Next in thread: Peter Gamache: "Re: TCP connections to port 1024 - DDoS?"
- Next in thread: Mike Lewinski: "Re: TCP connections to port 1024 - DDoS?"
- Reply: Arrigo Triulzi: "Re: TCP connections to port 1024 - DDoS?"
- Reply: Peter Gamache: "Re: TCP connections to port 1024 - DDoS?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Turpin, Jason scripsit:
|I am seeing the same thing the last couple of days. It comes from about 100
|ip's and targets my Mail Servers on port 1024. There are approximately 254
|attempts in less than 10 seconds from these 100 ip's
You might want to consider the fact that some boxes, Linux for
example, often use 1024 as the first port for outgoing connections.
This might be an attempt to "get back" at you in some way on a waiting
connection, man-in-the-middle?
Just a quick thought.
Arrigo
- Next message: Bowman, Kevin: "Re: TCP connections to port 1024 - DDoS?"
- Previous message: Wertheimer, Ishai: "VPN hijacking"
- In reply to: Turpin, Jason: "Re: TCP connections to port 1024 - DDoS?"
- Next in thread: Peter Gamache: "Re: TCP connections to port 1024 - DDoS?"
- Next in thread: Mike Lewinski: "Re: TCP connections to port 1024 - DDoS?"
- Reply: Arrigo Triulzi: "Re: TCP connections to port 1024 - DDoS?"
- Reply: Peter Gamache: "Re: TCP connections to port 1024 - DDoS?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]