For the last 24 hours I've had our firewall hammered repeatedly from 10.0.1.1 - 10.0.1.9, all 9 addresses simultaneously going at all ports over 1024, over and over again! Obviously spooofed packet headers - and just as I got annoyed enough to want to start digging a bit deeper, the silly buggers stop! Now isn't that annoying! Anyway, what was interesting about this was also that, if I changed the IP address of the firewall's external interface say one up or one down, the ruddy things followed it! Obviously then whatever it was, was continuously strobing a whole block of IP addresses! Anyone else seen anything like this lately? Later Konrad ************************************************************* * Linux isn't unfriendly - * its just really picky about who its friends are! ************************************************************* ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Aug 22 2001 - 10:27:39 PDT