On Tue, 16 Apr 2002, Steve Vawter wrote: > Where did you find SMTP? SMTP lives on port 25/tcp. Unless some > sites run it in strange places for "security" through obscurity > reasons. he said 'snmp', which sits on 167/udp. he also saaw 1067/udp. a typo, perhaps, given the recent spate of snmp problems. > -----Original Message----- > From: LAVELLE,MICHAEL (HP-PaloAlto,ex1) [mailto:mlavelleat_private] > Sent: Tuesday, April 16, 2002 8:36 AM > To: incidentsat_private > Subject: Strange UDP Activity > I recently started seeing strange UDP traffic to my home DSL, which is > included below. It has been active for the last 4 days at all hours. > None of these IPs are DNS servers that I use, and much of the activity > is when all of my computers are off. Google led me to port 1067 as > being an SNMP port, but I have SNMP disabled on all devices at home, > and the ACL blocks it anyway. ___________________________ jose nazario, ph.d. joseat_private http://www.monkey.org/~jose/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Apr 16 2002 - 13:00:40 PDT