Complete.Org: Mailing Lists: Archives: linux-help: August 2004:
[linux-help] Re: Port 18593 attacks

[linux-help] Re: Port 18593 attacks

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: linux-help@xxxxxxxxx
Subject: [linux-help] Re: Port 18593 attacks
From: "Jonathan Hall" <flimzy@xxxxxxxxxx>
Date: Sun, 8 Aug 2004 15:11:44 -0500
Reply-to: linux-help@xxxxxxxxx

If you're REALLY ambitious, you can always install tcpdump, and look at the
raw packets coming to port 18539 to help determine what they are.  Altho to
most people (myself included) that will probably produce a bunch of
worthless information :)

-- Jonathan

----- Original Message -----
From: "bbales" <bbales@xxxxxxx>
To: <linux-help@xxxxxxxxx>
Sent: Sunday, August 08, 2004 11:27 AM
Subject: [linux-help] Re: Port 18593 attacks

> On Saturday 07 August 2004 23:32, you wrote:
> > Well, is there any way to turn off reporting?  So what happens if you
> > telnet to port 18395? or nmap the box?  No one is coming in if there is
> > no door.  I guess what I'm saying is that you are probably getting
> > false or overzealous  reports from your firewall, and that they are
> > really nothing to lose sleep about.
> Sure, I can turn them off.  But I kinda liked to see the build-up of hits
> port 3127 when mydoom was running rampant and port 2745 with bagle.e.
> Maybe I am getting bad info from the firewall.  I'm not losing sleep over
> but I am curious to know what's going on.  Maybe I'll never know.
> bruce
> -- This is the linux-help@xxxxxxxxx list.  To unsubscribe,
> visit

-- This is the linux-help@xxxxxxxxx list.  To unsubscribe,

[Prev in Thread] Current Thread [Next in Thread]