|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
At the last gathering a couple people asked what a portscan looks like.
On my machine, it looks like a lot of this:
Jan 17 20:45:44 darxus tcplog: port 16493 request from monet
Jan 17 20:49:33 darxus tcplog: port 16528 request from monet
Jan 17 23:31:46 darxus tcplog: port 23590 request from monet
Jan 17 23:32:08 darxus tcplog: port 23593 request from monet
Jan 17 23:32:09 darxus tcplog: port 23595 request from monet
Jan 17 23:32:45 darxus tcplog: port 23597 request from monet
Jan 17 23:32:46 darxus tcplog: port 23648 request from monet
Jan 17 23:32:47 darxus tcplog: port 23650 request from monet
Jan 17 23:32:48 darxus tcplog: port 23651 request from monet
Jan 17 23:35:17 darxus tcplog: port 23714 request from monet
Jan 17 23:36:56 darxus tcplog: port 23786 request from monet
Jan 17 23:41:48 darxus tcplog: port 24167 request from monet
Yes, I was getting portscanned from my ISPs shell machine. For like, a
month or something. Reported it, and got no responce.
I dunno what (if anything) I did to get this, but I can definately see
myself scanning through the debian package list, seeing a description of
something that does something like this, installing it, and forgetting
about it.
I also got portscanned and a number of other things by a guy named
morpheus in #pi on EFNet IRC. Came with life threats. He was on
Voicenet. Din't report that. Have lots of syslog & IRC logs.
__________________________________________________________________
PGP fingerprint = 03 5B 9B A0 16 33 91 2F A5 77 BC EE 43 71 98 D4
darxus@op.net / http://www.op.net/~darxus
Far Beyond Reason
_______________________________________________
Plug maillist - Plug@lists.nothinbut.net
http://lists.nothinbut.net/mail/listinfo/plug
|
|