Proxy Scans to dail up hosts...

From: Grimes, Shawn (NIA/IRP) (GrimesShat_private)
Date: Fri Nov 30 2001 - 07:14:27 PST

Next message: Dave Mitchell: "Re: Proxy Scans to dail up hosts..."

Previous message: Grimes, Shawn (NIA/IRP): "RE: Code Red -- AGAIN?!?"
Next in thread: Dave Mitchell: "Re: Proxy Scans to dail up hosts..."
Reply: Dave Mitchell: "Re: Proxy Scans to dail up hosts..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I notice in my snort logs that I have a box:
193.109.122.5 (proxyscan.undernet.org)

That is connecting to some of our dial-up hosts and performing FYN scans on
1080 & 8080 (proxies).  

Has anyone else seen similar activity?

Thank You,
Shawn Grimes
Computer Specialist
NCTS - Gerontology Research Center
410-558-8007
grimesshat_private 

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Dave Mitchell: "Re: Proxy Scans to dail up hosts..."
Previous message: Grimes, Shawn (NIA/IRP): "RE: Code Red -- AGAIN?!?"
Next in thread: Dave Mitchell: "Re: Proxy Scans to dail up hosts..."
Reply: Dave Mitchell: "Re: Proxy Scans to dail up hosts..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Nov 30 2001 - 13:51:35 PST