i made the mistake of running gnutella over a year ago and I still have machines hitting my firewall. dhickmanat_private Jos Kirps|EducDesign wrote: > Date: Wed, 29 Jan 2003 19:21:44 +0100 > Subject: Firewall logging port 6346 > From: Jos Kirps|EducDesign <jos.kirpsat_private> > To: incidentsat_private > > > My firewall has logged 131.114.2.90 trying to connect to > my port 6346, this has been happening for quite some time > now, about once a minute. > > I know that this is the standard port for Gnutella (it also > says gnutella-svc), but I would like to know if this is just > a server trying to connect to the wrong machine (I'm using > a modem to connect to the internet, dynamic IP, maybe > someone was communicating with 131.114.2.90 before > I connected using this IP?), or could this be some malware? > > I traced the 131.114.2.90 machine back to ser-fib.unipi.it > (131.114.191.50), but traceroute couldn't get any further. > Could this mean that the network is slow / broken down > there in Italy (I suppose it's Italy). > > Best regards, > > Jos Kirps > > ----------------------------------------------------- > EducDesign S.A. > Where Learning and Technology meet > > 20, rue de l'Ecole, L-3233 Bettembourg > Luxembourg (Europe) > tel. +352 51 66 52 > fax. +352 52 26 76 > ----------------------------------------------------- > http://www.educdesign.lu > infoat_private > ----------------------------------------------------- > IT-Services > Intranet-Internet Solutions & Multimedia > Innovation Managment & Project Development > Consulting, Training & Coaching in IT and Education > ----------------------------------------------------- > > > ---------------------------------------------------------------------------- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management and > tracking system please see: http://aris.securityfocus.com > > > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Jan 30 2003 - 11:01:14 PST