[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] port 10008
Check this link. http://www.zdii.com/industry_list.asp?mode=news&doc_id=ZD5083014 The port scanning source is called the Cheese Worm. It searches for Linux boxes compromised by the 1i0n worm and closes the security breach then searches for more compromised systems. Jerry Bryant Director Computer Networks Ozarks Technical Community College -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Ivan More Sent: Wednesday, May 16, 2001 5:49 AM To: [email protected] Cc: [email protected] Subject: [FW1] port 10008 Hi all you Gurus, I have seen quite a number of drop packets using port 10008 in the FW-1 log. Some of these packets are coming from unknown IPs when I do NSlookup. The logs look like this service source Destination 10008 211.168.167.199 255.255.255.255 10008 193.233.83.66 255.255.255.255 Anyone got an explaination? Cheers, I. More _______________________________________________________ Do You Yahoo!? Get your free @yahoo.ca address at http://mail.yahoo.ca ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|