On Mon, 6 Aug 2001, Luc Pardon wrote: > Maybe this is just three systems behind the same proxy ? Not untypical > for cable ISP's. Not that I've seen. These IP's resolve to hostnames similar @home personal hostnames. As an example.. cXXXXXXX-a.nirving1.tx.home.com (and several hosts where XXXXXXX is just slightly different) show up with double hits in Snort. It and several others like it also rescan about every 45 minutes. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sun Aug 05 2001 - 20:53:48 PDT