On Wed, Jan 10, 2001 at 05:20:36PM -0600, Los, Ralph wrote:
> 01/09/2001 04:34:36.928 - UDP packet dropped -
> Source:other.net.11.66, 928, WAN - Destination:My.sub.net.162, 137, LAN
>
> The scans come at a seemingly timed interval, and after speaking
> with one of the network OPS personnel over at the company, it appears to be
> a unconfirmed version of *nix with some sort of mail program running on it.
I would rather guess it is a

10:22am guidoinferno:~>grep 137 /etc/services
netbios-ns 137/tcp # NETBIOS Name Service
netbios-ns 137/udp

Windoze netbios traffic.

So I see 2 options:
- The remote machine is Win-based, and tries to speak with yours
- The remote machine is a unix running a version of samba, and
  behaving accordingly.

HTH, HAND

--
Guido Bolognesi ... guidodsnet.it
Responsabile sistemi ambiente Unix . Cable & Wireless DSNet
Unix _is_ user-friendly. Just _very_ selective about his friends.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]