Hello Does anyone has seen an increase of activity on port 3061 tcp and udp? today i register at least 5000 drops on my firewall just today ,all of the has the same ip as target. some part of the logs Dec 6 18:21:50 fw-int kernel: UDP DROP (global REJECT): IN=eth2 OUT=eth0 SRC=200.30.216.98 DST=XXX.XX.XX.XXX LEN=70 TOS=0x00 PREC=0x00 TTL=122 ID=61524 PROTO=UDP SPT=2189 DPT=3061 LEN=50 SRC Address are multiple ones -- Marcelo Bartsch mbartschat_private www.netglobalis.net PGP Fingerprint : 877E 3A56 F523 B44A 3260 8F83 8916 E158 6100 F721 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sun Dec 08 2002 - 19:37:20 PST