From: Theodore Knab (tjkannapolislinux.org)
Date: Wed Jan 16 2002 - 17:05:48 CST

    I thought that someone might have been trying to steal my tcp/ip session.

    At the time, I was passing my credit card information through port 443
    to register.com.

    The timing and the port made me a little suspicious.

    Is this what it looks like when someone tries to steal a tcp/ip session?

    Jan 15 22:50:17 gate ipmon[1847]: 22:50:16.489956 xl0 0:87
    b www.register.com,443 -> 192.168.1.10,54920 PR tcp len 20 40 -R IN
    Jan 15 22:50:26 gate ipmon[1847]: 22:50:25.622682 xl0 0:14
    b 10.30.101.73,85 -> myipaddress,54832 PR tcp len 20 403 -AFP IN
    Jan 15 22:50:49 gate ipmon[1847]: 22:50:49.132313 xl0 0:87
    b www.register.com,443 -> 192.168.1.10,54920 PR tcp len 20 40 -R IN
    Jan 15 22:50:49 gate ipmon[1847]: 22:50:49.244242 xl0 0:14
    b 10.30.101.73,85 -> myipaddress,54834 PR tcp len 20 403 -AFP IN
    Jan 15 22:50:53 gate ipmon[1847]: 22:50:52.777170 xl0 0:14
    b 10.30.101.75,443 -> myipaddress,54843 PR tcp len 20 75 -AFP IN
    Jan 15 22:51:02 gate ipmon[1847]: 22:51:02.292553 xl0 0:14
    b 10.30.101.71,85 -> myipaddress,54833 PR tcp len 20 434 -AFP IN
    Jan 15 22:51:03 gate ipmon[1847]: 22:51:03.009955 xl0 0:14
    b 10.30.101.31,443 -> myipaddress,54842 PR tcp len 20 75 -AFP IN
    Jan 15 22:51:18 gate ipmon[1847]: 22:51:18.326738 xl0 0:14
    b 10.30.101.30,443 -> myipaddress,54841 PR tcp len 20 75 -AFP IN
    Jan 15 22:51:45 gate ipmon[1847]: 22:51:44.715565 xl0 0:87
    b 207.153.203.227,443 -> myipaddress,54943 PR tcp len 20 40 -R IN
    Jan 15 22:51:48 gate ipmon[1847]: 22:51:48.047477 xl0 0:14
    b 10.30.101.73,85 -> myipaddress,54839 PR tcp len 20 403 -AFP IN
    Jan 15 22:51:55 gate ipmon[1847]: 22:51:54.411986 xl0 0:87
    b www.register.com,443 -> 192.168.1.10,54920 PR tcp len 20 40 -R IN
    Jan 15 22:51:59 gate ipmon[1847]: 22:51:59.177845 xl0 0:14
    b 10.30.101.32,443 -> myipaddress,54917 PR tcp len 20 75 -AFP IN
    Jan 15 22:52:03 gate ipmon[1847]: 22:52:03.278497 xl0 0:14
    b 10.30.101.73,85 -> myipaddress,54838 PR tcp len 20 434 -AFP IN
    Jan 15 22:52:08 gate ipmon[1847]: 22:52:08.011589 xl0 0:14
    b 10.30.101.70,85 -> myipaddress,54831 PR tcp len 20 407 -AFP IN
    Jan 15 22:52:25 gate ipmon[1847]: 22:52:24.596353 2x xl0
    0:14 b 10.30.101.28,443 -> myipaddress,54953 PR tcp len 20 75 -AFP IN
    Jan 15 22:52:26 gate ipmon[1847]: 22:52:25.629315 xl0 0:14
    b 10.30.101.73,85 -> myipaddress,54832 PR tcp len 20 403 -AFP IN
    Jan 15 22:52:26 gate ipmon[1847]: 22:52:25.976259 xl0 0:14
    b 10.30.101.28,443 -> myipaddress,54953 PR tcp len 20 75 -AFP IN
    Jan 15 22:52:28 gate ipmon[1847]: 22:52:27.816094 xl0 0:14
    b 10.30.101.28,443 -> myipaddress,54953 PR tcp len 20 75 -AFP IN
    Jan 15 22:52:32 gate ipmon[1847]: 22:52:31.496142 xl0 0:14
    b 10.30.101.28,443 -> myipaddress,54953 PR tcp len 20 75 -AFP IN
    Jan 15 22:52:39 gate ipmon[1847]: 22:52:38.856438 xl0 0:14
    b 10.30.101.28,443 -> myipaddress,54953 PR tcp len 20 75 -AFP IN
    Jan 15 22:52:49 gate ipmon[1847]: 22:52:49.251297 xl0 0:14
    b 10.30.101.73,85 -> myipaddress,54834 PR tcp len 20 403 -AFP IN
    Jan 15 22:52:53 gate ipmon[1847]: 22:52:52.781275 xl0 0:14
    b 10.30.101.75,443 -> myipaddress,54843 PR tcp len 20 75 -AFP IN

    -- 
    ----------------------
    GNU PGP public key
    http://www.annapolislinux.org/docs/public_key/GnuPG.txt
    ---------------------
    Ted Knab
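
A small triage helper for the ipmon output in the post above, added here as an example and not part of the original message: it undoes the mail wrapping, parses each blocked-packet entry, and groups entries by flow and TCP flags so repeats and private-range sources stand out. The field layout is inferred from the lines in the post, and the function names are illustrative.

```python
import ipaddress
import re
from collections import defaultdict

# Three entries copied from the post above, still wrapped as the mailer left them.
SAMPLE = """\
Jan 15 22:50:17 gate ipmon[1847]: 22:50:16.489956 xl0 0:87
b www.register.com,443 -> 192.168.1.10,54920 PR tcp len 20 40 -R IN
Jan 15 22:52:25 gate ipmon[1847]: 22:52:24.596353 2x xl0
0:14 b 10.30.101.28,443 -> myipaddress,54953 PR tcp len 20 75 -AFP IN
Jan 15 22:52:26 gate ipmon[1847]: 22:52:25.976259 xl0 0:14
b 10.30.101.28,443 -> myipaddress,54953 PR tcp len 20 75 -AFP IN
"""

# Layout assumed from the post: time [Nx] iface group:rule action src,port -> dst,port ...
ENTRY = re.compile(
    r"ipmon\[\d+\]: (?P<h>\d+):(?P<m>\d+):(?P<s>[\d.]+) (?:(?P<count>\d+)x )?"
    r"(?P<ifname>\S+) (?P<rule>\d+:\d+) (?P<action>\w) "
    r"(?P<src>[^,\s]+),(?P<sport>\d+) -> (?P<dst>[^,\s]+),(?P<dport>\d+) "
    r"PR tcp len (?P<hlen>\d+) (?P<plen>\d+) -(?P<flags>[A-Z]+) (?P<dir>IN|OUT)"
)

def parse(text):
    """Undo the mail wrapping, then return one dict per ipmon entry."""
    flat = " ".join(text.split())
    return [m.groupdict() for m in ENTRY.finditer(flat)]

def is_private(host):
    """True for private-range IP literals; hostnames and redactions give False."""
    try:
        return ipaddress.ip_address(host).is_private
    except ValueError:
        return False

def flows(entries):
    """Group by (src, sport, dst, dport, flags); keep packet count and timestamps."""
    out = defaultdict(lambda: {"packets": 0, "times": [], "private_src": False})
    for e in entries:
        f = out[(e["src"], e["sport"], e["dst"], e["dport"], e["flags"])]
        f["packets"] += int(e["count"] or 1)  # "2x" means ipmon merged two packets
        f["times"].append(int(e["h"]) * 3600 + int(e["m"]) * 60 + float(e["s"]))
        f["private_src"] = is_private(e["src"])
    return dict(out)

if __name__ == "__main__":
    for key, f in flows(parse(SAMPLE)).items():
        gaps = [round(b - a, 2) for a, b in zip(f["times"], f["times"][1:])]
        print(key, f["packets"], "private-src" if f["private_src"] else "-", gaps)
```

Feeding it the full log from the message groups the entries per flow, with the gaps between repeats of the same packet listed beside each one.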