|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: [Snort-users] 13 instances of ping bsd
From: Mark Rowlands (mark.rowlands
minmail.net)Date: Tue Nov 28 2000 - 05:32:39 CST
- Next message: andy lowton: "Re: [Snort-users] tcp/510 probe"
- Previous message: Juergen Schmidt: "[Snort-users] snort dying quietly"
- In reply to: Todd Backman: "Re: [Snort-users] 13 instances of ping bsd"
- Next in thread: Mark Rowlands: "Re: [Snort-users] 13 instances of ping bsd"
- Next in thread: jessjessland.net: "Re: [Snort-users] 13 instances of ping bsd"
- Reply: Mark Rowlands: "Re: [Snort-users] 13 instances of ping bsd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> On Tue, 28 Nov 2000, Mark Rowlands wrote:
> > [**] IDS152 - PING BSD [**]
> > 11/27-22:49:21.777738 0:80:C8:56:FB:5 -> 0:10:4B:B6:F1:7B type:0x800
> > len:0x62 203.197.173.129 -> 62.5.7.17 ICMP TTL:56 TOS:0x0 ID:55074
> > ID:23472 Seq:51862 ECHO
> > 08 09 0A 0B 0C 0D 0E 0F 10 11 12 13 14 15 16 17 ................
> > 18 19 1A 1B 1C 1D 1E 1F 20 21 22 23 24 25 26 27 ........ !"#$%&'
> > 28 29 2A 2B 2C 2D 2E 2F 30 31 32 33 34 35 36 37 ()*+,-./01234567
> > 38 39 3A 3B 3C 3D 3E 3F 89:;<=>?
> >
> > =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
> >
> > hi folks, got 13 of these within millisecs of each other all different
> > IPs but apparently same mac address...... none of the addresses have
> > shown up before or since. any thoughts?
On Tuesday 28 November 2000 07:43, Todd Backman wrote:
> I am curious if the 13 diff IP's were from unassigned IP space of major
> bandwidth providers?
>
> - Todd
>
63.140.2.3 3.winstar.net VIENNA WINSTAR
208.185.54.14 208.185.54.14.speedera.com San Jose Abovenet Communications
200.194.68.4 Brazil RNP
202.130.158.130 Hong Kong UUNET Hong Kong Limited
202.54.111.72 India VSNL - ISP
203.166.49.226 speedera? Australia UUNET-AU Customer Assignment
203.197.173.129 India Videsh Sanchar Nigam Ltd - India.
206.63.151.4 Seattle Reed McClure
216.219.241.162 Ft. Lauderdale CyberGate
204.176.88.5 Santa Clara Speed Era Networks
209.155.224.130 Larkspur CRL Network Services
207.235.98.194 hop before is speedera Houston 4GL Corporation
64.67.26.194 host.domain.com Sterling Network Access Solutions -
Atlantic Telecom
not sure exactly what you been by unassigned : an eclectic little collection
non?.......speedera pop up 4 times. packets were received within a 1.6
seconds time interval...the mac address (doh) is the isp's local switch,ttls
are all between 39-56
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
http://lists.sourceforge.net/mailman/listinfo/snort-users
- Next message: andy lowton: "Re: [Snort-users] tcp/510 probe"
- Previous message: Juergen Schmidt: "[Snort-users] snort dying quietly"
- In reply to: Todd Backman: "Re: [Snort-users] 13 instances of ping bsd"
- Next in thread: Mark Rowlands: "Re: [Snort-users] 13 instances of ping bsd"
- Next in thread: jessjessland.net: "Re: [Snort-users] 13 instances of ping bsd"
- Reply: Mark Rowlands: "Re: [Snort-users] 13 instances of ping bsd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]