On Fri, 25 Jan 2002, James Hoagland wrote: > Hello John, > > Have you looked into whether your host X is advertising a service on > the ports in question? A game server or some such. Yes. It turns out that 'X' was running an AudioGalaxy satellite and the connections appear to be P2P requests (the src and dest ports match the particular protocols) which matches the random nature of the hosts and the seemingly centrally managed port numbers they were trying to access. Cheers, JB -- John Bland M.Phys (Hons) AMInstP / \ PhD Student & Sys Admin Email: j.bland at cmp.liv.ac.uk / \ Condensed Matter Group http://ringtail.cmp.liv.ac.uk/ / \ Liverpool University "Don't make me bite you in hard-to-reach places!" -- The Tick ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Jan 25 2002 - 10:49:35 PST