RE: Scans for 17300/tcp starting again

• Previous message: Joe Matusiewicz: "Re: Scans for 17300/tcp starting again"
• Maybe in reply to: jchaserat_private: "Scans for 17300/tcp starting again"
• Next in thread: Esler, Joel Contractor: "RE: Scans for 17300/tcp starting again"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://vil.nai.com/vil/content/v_693.htm << check it out.

Kuang2TheVirus >> http://isc.incidents.org/port_details.html?port=17300

Regards,

Greg DeGennaro Jr., CCNP
Security Analyst


-----Original Message-----
From: jchaserat_private [mailto:jchaserat_private] 
Sent: Wednesday, July 30, 2003 5:14 PM
To: incidentsat_private
Subject: Scans for 17300/tcp starting again



Jul 27 05:14:46 IN=eth0 SRC=67.115.163.162
DST=129.X.Y.Z LEN=48 TOS=0x00 PREC=0x00 TTL=119
ID=35431 DF PROTO=TCP SPT=2652 DPT=17300 WINDOW=8160
RES=0x00 SYN URGP=0 OPT (0204055001010402)
Jul 27 10:51:19 IN=eth0 SRC=217.88.161.245
DST=129.X.Y.Z LEN=52 TOS=0x00 PREC=0x00 TTL=116
ID=56655 DF PROTO=TCP SPT=4181 DPT=17300 WINDOW=32767
RES=0x00 SYN URGP=0 OPT (020405AC0103030001010402)
Jul 27 11:04:50 IN=eth0 SRC=217.88.161.245
DST=129.X.Y.Z LEN=52 TOS=0x00 PREC=0x00 TTL=116
ID=65214 DF PROTO=TCP SPT=1500 DPT=17300 WINDOW=32767
RES=0x00 SYN URGP=0 
Jul 27 13:35:33 IN=eth0 SRC=172.178.137.182
DST=129.X.Y.Z LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=2788
DF PROTO=TCP SPT=2990 DPT=17300 WINDOW=65535 RES=0x00
SYN URGP=0 OPT
(0204055001010402)                                          

Jul 27 13:49:54 IN=eth0 SRC=172.178.137.182
DST=129.X.Y.Z LEN=48 TOS=0x00 PREC=0x00 TTL=114
ID=14232 DF PROTO=TCP SPT=1628 DPT=17300 WINDOW=65535
RES=0x00 SYN URGP=0
Jul 27 14:42:19 IN=eth0 SRC=69.14.236.37 DST=129.X.Y.Z
LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=61016 DF PROTO=TCP
SPT=4107 DPT=17300 WINDOW=16384 RES=0x00 SYN URGP=0 OPT
(020405B401010402)
Jul 27 14:48:15 IN=eth0 SRC=80.142.223.209
DST=129.X.Y.Z LEN=52 TOS=0x00 PREC=0x00 TTL=116
ID=14373 DF PROTO=TCP SPT=4490 DPT=17300 WINDOW=32767
RES=0x00 SYN URGP=0 OPT
(020405AC0103030001010402)                                  

Jul 27 14:57:11 IN=eth0 SRC=69.14.236.37 DST=129.X.Y.Z
LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=41548 DF PROTO=TCP
SPT=2197 DPT=17300 WINDOW=16384 RES=0x00 SYN URGP=0
Jul 27 15:02:19 IN=eth0 SRC=80.142.223.209
DST=129.X.Y.Z LEN=52 TOS=0x00 PREC=0x00 TTL=116
ID=21858 DF PROTO=TCP SPT=4494 DPT=17300 WINDOW=32767
RES=0x00 SYN URGP=0
Jul 28 09:11:07 IN=eth0 SRC=80.167.199.116
DST=129.X.Y.Z LEN=48 TOS=0x00 PREC=0x00 TTL=110
ID=30980 DF PROTO=TCP SPT=4402 DPT=17300 WINDOW=16384
RES=0x00 SYN URGP=0 OPT
(020405B401010402)                                          

Jul 28 09:24:36 IN=eth0 SRC=80.167.199.116
DST=129.X.Y.Z LEN=48 TOS=0x00 PREC=0x00 TTL=110
ID=29558 DF PROTO=TCP SPT=1499 DPT=17300 WINDOW=16384
RES=0x00 SYN URGP=0
Jul 29 07:11:41 IN=eth0 SRC=199.174.135.48
DST=129.X.Y.Z LEN=48 TOS=0x00 PREC=0x00 TTL=114
ID=32659 DF PROTO=TCP SPT=3940 DPT=17300 WINDOW=8760
RES=0x00 SYN URGP=0 OPT (020405B401010402)
Jul 29 07:25:24 IN=eth0 SRC=199.174.135.48
DST=129.X.Y.Z LEN=48 TOS=0x00 PREC=0x00 TTL=114
ID=31495 DF PROTO=TCP SPT=2074 DPT=17300 WINDOW=8760
RES=0x00 SYN URGP=0
Jul 29 09:32:41 IN=eth0 SRC=66.183.255.129
DST=129.X.Y.Z LEN=48 TOS=0x00 PREC=0x00 TTL=111
ID=53709 DF PROTO=TCP SPT=2394 DPT=17300 WINDOW=64240
RES=0x00 SYN URGP=0 OPT (020405B401010402)
Jul 29 09:48:18 IN=eth0 SRC=66.183.255.129
DST=129.X.Y.Z LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=4827
DF PROTO=TCP SPT=3240 DPT=17300 WINDOW=64240 RES=0x00
SYN URGP=21484
Jul 29 12:56:44 IN=eth0 SRC=68.80.26.104 DST=129.X.Y.Z
LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=10313 DF PROTO=TCP
SPT=2005 DPT=17300 WINDOW=64240 RES=0x00 SYN URGP=0 OPT
(020405B401010402)                                            

Jul 29 13:10:35 IN=eth0 SRC=68.80.26.104 DST=129.X.Y.Z
LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=7714 DF PROTO=TCP
SPT=2682 DPT=17300 WINDOW=64240 RES=0x00 SYN URGP=0
Jul 29 15:06:05 IN=eth0 SRC=80.83.57.213 DST=129.X.Y.Z
LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=4233 DF PROTO=TCP
SPT=4583 DPT=17300 WINDOW=16384 RES=0x00 SYN URGP=0 OPT
(020405B401010402)
Jul 29 15:20:14 IN=eth0 SRC=80.83.57.213 DST=129.X.Y.Z
LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=20004 DF PROTO=TCP
SPT=4088 DPT=17300 WINDOW=16384 RES=0x00 SYN
URGP=0                                                                   

Jul 29 20:59:36 IN=eth0 SRC=24.103.56.108 DST=129.X.Y.Z
LEN=48 TOS=0x00 PREC=0x00 TTL=109 ID=9492 DF PROTO=TCP
SPT=4404 DPT=17300 WINDOW=16384 RES=0x00 SYN URGP=0

---------------------------------------------------------------------------
----------------------------------------------------------------------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------

• Next message: Brad Bemis: "RE: Command Line RPC vulnerability scanner?"
• Previous message: Joe Matusiewicz: "Re: Scans for 17300/tcp starting again"
• Maybe in reply to: jchaserat_private: "Scans for 17300/tcp starting again"
• Next in thread: Esler, Joel Contractor: "RE: Scans for 17300/tcp starting again"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jul 31 2003 - 09:28:53 PDT