If it was @home scanning you you would have it from ops-scan.home.net I
get these from them at about 1:30 am every morning. everyday.
-----------------------------------------------------------------
Sean Clarke
Network / Systems Support Manager
Cashline ABM Inc. / CyberNet Computer Services
[EMAIL PROTECTED]
[EMAIL PROTECTED]
"The best remote administration tool for Windows-NT is a car ..."
-----------------------------------------------------------------
On Fri, 28 Jan 2000, Steve wrote:
> Portsentry flagged a scan on port 1080 today. I got the following:
>
> Active System Attack Alerts
> =-=-=-=-=-=-=-=-=-=-=-=-=-=
> Jan 28 13:30:19 localhost portsentry[585]: attackalert: Connect from host:
>24.64.239.167.ab.wave.home.com/24.64.239.167 to TCP port: 1080
> Jan 28 13:30:19 localhost portsentry[585]: attackalert: Host 24.64.239.167 has been
>blocked via wrappers with string: "ALL: 24.64.239.167"
> Jan 28 13:30:19 localhost portsentry[585]: attackalert: Host 24.64.239.167 has been
>blocked via dropped route using command: "/sbin/ipchains -I input -s 24.64.239.167 -j
>DENY -l"
>
> Does any one on the list have any idea how I find out who
> 24.64.239.167.ab.wave.home.com is?
>
> Some one trying to get in or just @home scanning my system?
>
> TIA
> Steve
>
>
> --
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.
>
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
