RE: Scans from Moscow

From: Alan Wright (AlanJWrightat_private)
Date: Wed Oct 17 2001 - 10:28:24 PDT

  • Next message: Markus De Shon: "More info on DarkMachine"

    I am going to snip most of my stuff out of this email and just leave yours in,
    I would think that incidents here is the best place for input.
    How many hits are you getting from each address?
    
    
    
    
    
    
    
    
    At 19:21 16/10/2001 -0400, you wrote:
    >Alan,
    >   A little messy, but this is a list of my problems over the last week or
    >so, nothing from Russia though..  Do you know of a good site to enter in IP
    >addresses then receive a list of reports from other Administrators?  Might
    >be a help to both of us and others.
    >
    >
    >28-Aug-01       Wiznet Inc.     Toronto Ontario 
    >Canada  216.129.216.36  http port scans
    >28-Aug-01       Wiznet Inc.     Toronto Ontario 
    >Canada  216.129.213.43.stott.wiznet.ca
    >http port scans
    >15-Oct-01       Wiznet Inc.     Toronto Ontario 
    >Canada  216.129.217.9   http port scans
    >15-Oct-01       Business Internet Inc.  Tampa   Florida United 
    >States   216.0.151.158
    >port 27374 scan
    >15-Oct-01       Kersur 
    >Technologies     Manchaug        Massachusetes   United States
    >216.129.158.18  http port scans
    >16-Oct-01       One Care        New York        New Yorl        United 
    >States   216.213.85.230  http port
    >scans
    >11-Oct-01       Taiwan Network Information 
    >Centre       Taipei          Taiwan  202.39.29.198
    >port 1080 scan
    >13-Oct-01       Acer Internet Services 
    >Inc.     Taipei          Taiwan  210.67.84.6     printer
    >port scan
    >14-Oct-01       Korea Telecom   Seoul           Korea   211.220.193.214 
    >port 22452 scan
    >14-Oct-01       Korea Network Information 
    >Centre        Seocho-Dong     Seocho-ku       Korea
    >211.196.153.182 printer port scan
    >9-Oct-01        Korea Network Information 
    >Centre        Seocho-Dong     Seocho-ku       Korea
    >211.46.246.194  Exchange_ports_1 scan
    >9-Oct-01        Korea Network Information 
    >Centre        Seocho-Dong     Seocho-ku       Korea
    >211.196.153.182 printer port scan
    >10-Oct-01       Xi'an High Tech Development     Xi'an City      Shaanxi China
    >202.100.26.185  printer port scan
    >4-Oct-01        Shandong Qingdao Furuitai Chenxi Business 
    >Co.   Jinan   Shandong        China
    >202.110.195.88  printer port scan
    >10-Oct-01       DigiTel Communications Asia Ltd.        Hong 
    >Kong               Hong Kong
    >202.122.224.234 Exchange_ports_1 scan
    >7-Oct-01        HanseNet Telefongesellschaft mbH & Co. 
    >KG       Hamburg         Germany
    >213.191.86.21   printer port scan
    >7-Oct-01        HanseNet Telefongesellschaft mbH & Co. 
    >KG       Hamburg         Germany
    >213.191.86.21   ftp port scan
    >7-Oct-01        HanseNet Telefongesellschaft mbH & Co. 
    >KG       Hamburg         Germany
    >213.191.86.21   port 54681 scan
    >11-Oct-01       Apple Online    London          United 
    >Kingdom  213.219.19.162  port 22 scan
    >(SSH)
    >5-Oct-01        BT ADSL Sandridge       Hertfordshire   United 
    >Kingdom  213.123.146.178 port
    >1080 scan
    >5-Oct-01        BT ADSL Sandridge       Hertfordshire   United 
    >Kingdom  213.123.146.178 ftp
    >port scan
    >
    >
    > >
    > >-----Original Message-----
    > >From: Alan Wright [mailto:AlanJWrightat_private]
    > >Sent: Sunday, October 14, 2001 3:11 PM
    > >To: security-basicsat_private
    > >Subject: Scans from Moscow
    > >
    > >
    > >Anyone else getting http probes out of Moscow College of Business
    > >Administration ?
    > >Second time this week from Moscow , both from 'organisations'
    > >
    > >All the best
    > >
    > >Alan
    > >
    > >
    > >
    > >Alan J Wright B.Sc(Hons)(Open)
    > >SMS +47624462772.
    > >Email AlanJWrightat_private
    > >          foll478trapat_private
    > >
    > >
    > >'You're a feisty little one but you'll soon learn respect'
    > >
    > >Return of the Jedi
    >
    >All the best
    >
    >Alan
    >
    >
    >
    >Alan J Wright B.Sc(Hons)(Open)
    >SMS +47624462772.
    >Email AlanJWrightat_private
    >          foll478trapat_private
    >
    >
    >'You're a feisty little one but you'll soon learn respect'
    >
    >Return of the Jedi
    
    All the best
    
    Alan
    
    
    
    Alan J Wright B.Sc(Hons)(Open)
    SMS +47624462772.
    Email AlanJWrightat_private
             foll478trapat_private
    
    
    'You're a feisty little one but you'll soon learn respect'
    
    Return of the Jedi
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Wed Oct 17 2001 - 10:56:35 PDT