Fairly rude surprise in logs this AM -- possible DoS attempt?

• Previous message: Fairly rude surprise in logs this AM -- possible DoS attempt?
• Next message: Fairly rude surprise in logs this AM -- possible DoS attempt?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>To: baylisa at baylisa.org
>Date: Mon, 19 Jan 2004 13:14:18 -0800
>From: "Wolfgang S. Rupprecht" <wolfgang+gnus-baylisa at dailyplanet.dontspam.wsrcc.com>
>Subject: Re: Fairly rude surprise in logs this AM -- possible DoS attempt?
>Sender: owner-baylisa at baylisa.org

>Could it be related to the new "bagel" microsoft-virus?  The following
>article mentions that it tries to connect to remote web sites and also
>to port 6667/tcp.

I didn't see much as far as poking at my Web server, and the target
ports were all over the place (though all 83610 were TCP, vs. UDP); only
3 were to 6667/tcp.

>> Anyone else have similar experiences of late?

>Nothing that far out of the ordinary.  Just the usual 500 per day of
>137/udp and a few dozen random ports.

137/udp is one of those I don't even log (though I do get a count every
24 hrs., I don't tend to dwell on it).

Only response so far from zonnet.nl was the auto-response.

Peace,
david
-- 
David H. Wolfskill				david at catwhisker.org
I do not "unsubscribe" from email "services" to which I have not explicitly
subscribed.  Rather, I block spammers' access to SMTP servers I control,
and encourage others who are in a position to do so to do likewise.

• Previous message: Fairly rude surprise in logs this AM -- possible DoS attempt?
• Next message: Fairly rude surprise in logs this AM -- possible DoS attempt?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]