This guy has scanned my system a dozen or so times in the last two days. He can't be legitimate: If he is supposedly a security professional, he would not perform scans of this type uninvited. My BlackIce PF calls this suspicious activity, "...TCP port probes directed at ports 3128, 8000, and 8080, which may indicate that an attacker is searching the system for a proxy server." By the way, he is also showing up looking a for a SOCKS server..."TCP port probes directed at port 1080, which may indicate that an attacker is scanning to determine if the system is running SOCKS." ----- Original Message ----- From: "Chris Boyd" <cboydat_private> To: <incidentsat_private> Sent: Friday, May 16, 2003 6:31 PM Subject: Scans from proxyprotector.com > I'm seeing many proxy scans from 64.201.104.2, > for.information.see.proxyprotector.com. I did not request the scans, > and the link on his page is broken. All emails to common addresses at > the domain are bouncing user unknown. Is this dude legit, or just > pretending to be trying to help prevent proxy abuse? > > --Chris > > > -------------------------------------------------------------------------- -- > *** Wireless LAN Policies for Security & Management - NEW White Paper *** > Just like wired networks, wireless LANs require network security policies > that are enforced to protect WLANs from known vulnerabilities and threats. > Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs. > > To get your FREE white paper visit us at: > http://www.securityfocus.com/AirDefense-incidents > -------------------------------------------------------------------------- -- ---------------------------------------------------------------------------- *** Wireless LAN Policies for Security & Management - NEW White Paper *** Just like wired networks, wireless LANs require network security policies that are enforced to protect WLANs from known vulnerabilities and threats. Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs. To get your FREE white paper visit us at: http://www.securityfocus.com/AirDefense-incidents ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Sat May 17 2003 - 09:17:33 PDT