Although there seems to be a positive trend in port 27374 (Sub7) probes, there doesn't seem to be anything so far out of bounds that is indicitive of a new worm etc. I'll definatly be keeping an eye on it for awhile though. Let's see if anything develops here. Here's the numbers for Port 27374 probes over the past couple weeks. 2001-10-29 75 2001-10-30 1659 2001-10-31 1660 2001-11-01 1154 2001-11-02 1241 2001-11-03 1396 2001-11-04 1429 2001-11-05 1380 2001-11-05 100 2001-11-06 1342 2001-11-07 1200 2001-11-08 1386 2001-11-09 1467 2001-11-10 2080 2001-11-11 1729 2001-11-12 1382 -- Nathan Einwechter ----- Original Message ----- From: Neil Dickey <neilat_private> To: <incidentsat_private> Sent: Monday, November 12, 2001 5:22 PM Subject: Re: sub-7 > > Leon de France <leon.defranceat_private> wrote asking: > > >Anyone notice an increase in port scans to 27374 in the last week? I > >noticed several, all from different addresses. > > Yes, we did. We don't normally see scans to that port, but there were > several last week. > > Best regards, > > Neil Dickey, Ph.D. > Research Associate/Sysop > Geology Department > Northern Illinois University > DeKalb, Illinois > 60115 > > -------------------------------------------------------------------------- -- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Nov 13 2001 - 07:24:08 PST