Don't you think this is someonme trying to find a socks proxy server?
>If it was @home scanning you you would have it from ops-scan.home.net I
>get these from them at about 1:30 am every morning. everyday.
>
>
>-----------------------------------------------------------------
>Sean Clarke
>Network / Systems Support Manager
>Cashline ABM Inc. / CyberNet Computer Services
>[EMAIL PROTECTED]
>[EMAIL PROTECTED]
>
>"The best remote administration tool for Windows-NT is a car ..."
>-----------------------------------------------------------------
>
>On Fri, 28 Jan 2000, Steve wrote:
>
>> Portsentry flagged a scan on port 1080 today. I got the following:
>>
>> Active System Attack Alerts
>> =-=-=-=-=-=-=-=-=-=-=-=-=-=
>> Jan 28 13:30:19 localhost portsentry[585]: attackalert: Connect from host:
>24.64.239.167.ab.wave.home.com/24.64.239.167 to TCP port: 1080
>> Jan 28 13:30:19 localhost portsentry[585]: attackalert: Host 24.64.239.167 has been
>blocked via wrappers with string: "ALL: 24.64.239.167"
>> Jan 28 13:30:19 localhost portsentry[585]: attackalert: Host 24.64.239.167 has been
>blocked via dropped route using command: "/sbin/ipchains -I input -s 24.64.239.167 -j
>DENY -l"
>>
>> Does any one on the list have any idea how I find out who
>> 24.64.239.167.ab.wave.home.com is?
>>
>> Some one trying to get in or just @home scanning my system?
>>
>> TIA
>> Steve
>>
>>
>> --
>> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
>> as the Subject.
>>
>
>
>--
>To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
>as the Subject.
manux
[EMAIL PROTECTED]
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
