Hi Everybody, Just got a quick question. I was reviewing logs on my shadow box and noticed that for a period of a couple hours we had packet conversation between two hosts ( one local and one remote ) through port 137 using udp 50. My PIX acl's dont have any ruleset to allow this network in at all except through say port 80 to our web servers. Is this a known attack or probe? Thanks. James Carder
This archive was generated by hypermail 2b30 : Mon Aug 13 2001 - 08:49:38 PDT