[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Adrian Midgley wrote: > I'm assuming this is an attack from a botnet. > > Too paranoid then. Another clump appeared. Sun, 2006-11-26 03:28:41 - TCP Packet - Source:59.37.96.34,1976 Destination:91.84.28.93,139 - [Any(ALL) rule not match] Sun, 2006-11-26 05:47:22 - TCP Packet - Source:74.72.163.251,3972 Destination:91.84.28.93,135 - [Any(ALL) rule not match] Sun, 2006-11-26 06:44:01 - UDP Packet - Source:66.36.207.134,1062 Destination:91.84.28.93,1434 - [Any(ALL) rule not match] Sun, 2006-11-26 07:31:32 - TCP Packet - Source:201.11.222.160,50866 Destination:91.84.28.93,4899 - [Any(ALL) rule not match] Sun, 2006-11-26 07:31:35 - TCP Packet - Source:201.11.222.160,50183 Destination:91.84.28.93,4899 - [Any(ALL) rule not match] Sun, 2006-11-26 08:38:52 - UDP Packet - Source:218.108.238.82,1050 Destination:91.84.28.93,1434 - [Any(ALL) rule not match] Sun, 2006-11-26 08:59:13 - UDP Packet - Source:61.136.186.46,1297 Destination:91.84.28.93,1434 - [Any(ALL) rule not match] Sun, 2006-11-26 09:43:51 - UDP Packet - Source:60.190.88.146,1042 Destination:91.84.28.93,1434 - [Any(ALL) rule not match] Sun, 2006-11-26 11:33:31 - UDP Packet - Source:221.4.39.231,1095 Destination:91.84.28.93,1434 - [Any(ALL) rule not match] Sun, 2006-11-26 11:38:14 - UDP Packet - Source:84.245.9.225,56790 Destination:91.84.28.93,137 - [Any(ALL) rule not match] It is a new network, so these looked coordinated, but I see they are less obviously so. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html