It's great to see a high level of professionalism here. Seeral explanations come to mind: One of Microsoft's broken load balancers is back at work. These things were infamous for sending packets hours and even days after you ran windowsupdate. You did create an outgoing connection, but you weren't at home? How can this be. Perhaps you sent or received email. Or someone spoofed your IP address while attacking Microsoft. Or someone spoofed Microsoft. Or it's a badly configured nmap attempt. Seriously, who cares, it's an ACK packet. If I complained about every spurious "attack" my systems recieved, with only 10 seconds needed to fully respond to each attack (investigate, research, prepare a summary and email it to the right people) I'd have to hire a small army of Rhesus monkeys, as well as 4 guys to clean out their cages. Kurt Seifried, kurtat_private A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Jan 31 2003 - 09:35:39 PST