RE: CodeRed Observations.

From: Christine Kronberg (Christine_Kronbergat_private)
Date: Fri Mar 14 2003 - 07:38:56 PST

    On Thu, 13 Mar 2003, larosa, vjay wrote:
    >
    > Some of the systems respond to a ping, none respond to
    > any HTTP requests. It doesn't mean that they are not
    > firewalled from incoming traffic though.
    
      I checked the entries in my logs. The only one that
      responded was indeed an IIS. All other IPs gave me a
      "connection refused" or a simple timeout.
    
      With that being said about the non-three-way-handshake
      hits, I wonder if some of the addresses are spoofed;
      coming from a compiled list or something. Except for
      one hit all came from (different) 217.x.y.z addresses.
      Anyone else observed something similar?
    
      Have fun,
    
                                                    Chris.
    
    
    -- 
    GeNUA mbH
    
    
    
    



    This archive was generated by hypermail 2b30 : Fri Mar 14 2003 - 10:04:03 PST