[Intrusions] [LOGS] Summary of large-scale portscanning detects
Ken.Connelly at uni.edu
Ken.Connelly at uni.edu
Sat Oct 2 22:32:34 GMT 2004
The following extracts show the beginning and ending of scan activity
was detected on my network. The number following each set is the total
number of probes for that source. Timestamps are GMT-0500.
Oct 1 11:30:22 64.207.52.59:4528 -> xxx.yyy.1.10:1433 SYN ******S*
Oct 1 11:30:22 64.207.52.59:4478 -> xxx.yyy.1.9:1433 SYN ******S*
Oct 1 11:30:22 64.207.52.59:4530 -> xxx.yyy.1.11:1433 SYN ******S*
Oct 1 11:30:22 64.207.52.59:4452 -> xxx.yyy.1.4:1433 SYN ******S*
Oct 1 11:30:20 64.207.52.59:4722 -> xxx.yyy.1.71:1433 SYN ******S*
Oct 1 11:30:23 64.207.52.59:4584 -> xxx.yyy.1.24:1433 SYN ******S*
Oct 1 11:30:21 64.207.52.59:4686 -> xxx.yyy.1.62:1433 SYN ******S*
Oct 1 11:30:21 64.207.52.59:4677 -> xxx.yyy.1.58:1433 SYN ******S*
[...]
Oct 1 14:42:15 64.207.52.59:1048 -> xxx.yyy.255.226:1433 SYN ******S*
Oct 1 14:42:15 64.207.52.59:1060 -> xxx.yyy.255.232:1433 SYN ******S*
Oct 1 14:42:15 64.207.52.59:1082 -> xxx.yyy.255.243:1433 SYN ******S*
Oct 1 14:42:16 64.207.52.59:1101 -> xxx.yyy.255.251:1433 SYN ******S*
Oct 1 14:42:16 64.207.52.59:1074 -> xxx.yyy.255.239:1433 SYN ******S*
Oct 1 14:42:16 64.207.52.59:1097 -> xxx.yyy.255.249:1433 SYN ******S*
Oct 1 14:42:16 64.207.52.59:1080 -> xxx.yyy.255.242:1433 SYN ******S*
Oct 1 14:42:16 64.207.52.59:1078 -> xxx.yyy.255.241:1433 SYN ******S*
87825
Oct 1 00:00:05 68.77.94.30:3407 -> xxx.yyy.83.232:1433 SYN ******S*
Oct 1 00:00:05 68.77.94.30:3406 -> xxx.yyy.83.231:1433 SYN ******S*
Oct 1 00:00:05 68.77.94.30:3405 -> xxx.yyy.83.230:1433 SYN ******S*
Oct 1 00:00:05 68.77.94.30:3404 -> xxx.yyy.83.229:1433 SYN ******S*
Oct 1 00:00:05 68.77.94.30:3401 -> xxx.yyy.83.228:1433 SYN ******S*
Oct 1 00:00:05 68.77.94.30:3408 -> xxx.yyy.83.233:1433 SYN ******S*
Oct 1 00:00:05 68.77.94.30:3420 -> xxx.yyy.83.241:1433 SYN ******S*
Oct 1 00:00:05 68.77.94.30:3419 -> xxx.yyy.83.240:1433 SYN ******S*
[...]
Oct 1 02:34:19 68.77.94.30:3204 -> xxx.yyy.255.245:1433 SYN ******S*
Oct 1 02:34:19 68.77.94.30:3208 -> xxx.yyy.255.246:1433 SYN ******S*
Oct 1 02:34:19 68.77.94.30:3216 -> xxx.yyy.255.248:1433 SYN ******S*
Oct 1 02:34:19 68.77.94.30:3219 -> xxx.yyy.255.249:1433 SYN ******S*
Oct 1 02:34:20 68.77.94.30:3222 -> xxx.yyy.255.250:1433 SYN ******S*
Oct 1 02:34:20 68.77.94.30:3224 -> xxx.yyy.255.251:1433 SYN ******S*
Oct 1 02:34:20 68.77.94.30:3228 -> xxx.yyy.255.252:1433 SYN ******S*
Oct 1 02:34:20 68.77.94.30:3232 -> xxx.yyy.255.253:1433 SYN ******S*
Oct 1 02:34:20 68.77.94.30:3235 -> xxx.yyy.255.254:1433 SYN ******S*
84116
Oct 1 03:53:43 82.75.80.50:1432 -> xxx.yyy.1.3:1433 SYN ******S*
Oct 1 03:53:43 82.75.80.50:1433 -> xxx.yyy.1.4:1433 SYN ******S*
Oct 1 03:53:43 82.75.80.50:1434 -> xxx.yyy.1.7:1433 SYN ******S*
Oct 1 03:53:43 82.75.80.50:1435 -> xxx.yyy.1.6:1433 SYN ******S*
Oct 1 03:53:43 82.75.80.50:1436 -> xxx.yyy.1.5:1433 SYN ******S*
Oct 1 03:53:43 82.75.80.50:1437 -> xxx.yyy.1.8:1433 SYN ******S*
Oct 1 03:53:43 82.75.80.50:1438 -> xxx.yyy.1.9:1433 SYN ******S*
Oct 1 03:53:46 82.75.80.50:1441 -> xxx.yyy.1.11:1433 SYN ******S*
[...]
Oct 1 07:42:36 82.75.80.50:4246 -> xxx.yyy.255.244:1433 SYN ******S*
Oct 1 07:42:37 82.75.80.50:4256 -> xxx.yyy.255.248:1433 SYN ******S*
Oct 1 07:42:37 82.75.80.50:4254 -> xxx.yyy.255.247:1433 SYN ******S*
Oct 1 07:42:37 82.75.80.50:4260 -> xxx.yyy.255.250:1433 SYN ******S*
Oct 1 07:42:37 82.75.80.50:4258 -> xxx.yyy.255.249:1433 SYN ******S*
Oct 1 07:42:37 82.75.80.50:4268 -> xxx.yyy.255.252:1433 SYN ******S*
Oct 1 07:42:37 82.75.80.50:4267 -> xxx.yyy.255.251:1433 SYN ******S*
Oct 1 07:42:38 82.75.80.50:4279 -> xxx.yyy.255.253:1433 SYN ******S*
Oct 1 07:42:38 82.75.80.50:4282 -> xxx.yyy.255.254:1433 SYN ******S*
74643
Oct 1 11:14:32 24.214.214.61:2215 -> xxx.yyy.1.0:1433 SYN ******S*
Oct 1 11:14:32 24.214.214.61:2252 -> xxx.yyy.1.30:1433 SYN ******S*
Oct 1 11:14:35 24.214.214.61:2253 -> xxx.yyy.1.31:1433 SYN ******S*
Oct 1 11:14:32 24.214.214.61:2254 -> xxx.yyy.1.32:1433 SYN ******S*
Oct 1 11:14:36 24.214.214.61:2271 -> xxx.yyy.1.42:1433 SYN ******S*
Oct 1 11:14:33 24.214.214.61:2273 -> xxx.yyy.1.43:1433 SYN ******S*
Oct 1 11:14:35 24.214.214.61:2243 -> xxx.yyy.1.22:1433 SYN ******S*
Oct 1 11:14:35 24.214.214.61:2244 -> xxx.yyy.1.23:1433 SYN ******S*
[...]
Oct 1 15:19:39 24.214.214.61:1519 -> xxx.yyy.255.245:1433 SYN ******S*
Oct 1 15:19:40 24.214.214.61:1634 -> xxx.yyy.255.250:1433 SYN ******S*
Oct 1 15:19:43 24.214.214.61:1344 -> xxx.yyy.255.239:1433 SYN ******S*
Oct 1 15:19:43 24.214.214.61:1386 -> xxx.yyy.255.240:1433 SYN ******S*
Oct 1 15:19:45 24.214.214.61:1447 -> xxx.yyy.255.242:1433 SYN ******S*
Oct 1 15:19:45 24.214.214.61:1519 -> xxx.yyy.255.245:1433 SYN ******S*
Oct 1 15:19:46 24.214.214.61:1603 -> xxx.yyy.255.248:1433 SYN ******S*
Oct 1 15:19:46 24.214.214.61:1634 -> xxx.yyy.255.250:1433 SYN ******S*
Oct 1 15:19:46 24.214.214.61:1621 -> xxx.yyy.255.249:1433 SYN ******S*
65355
Oct 1 21:23:22 218.146.60.167:2563 -> xxx.yyy.1.2:1433 SYN ******S*
Oct 1 21:23:22 218.146.60.167:2562 -> xxx.yyy.1.1:1433 SYN ******S*
Oct 1 21:23:22 218.146.60.167:2567 -> xxx.yyy.1.6:1433 SYN ******S*
Oct 1 21:23:22 218.146.60.167:2568 -> xxx.yyy.1.7:1433 SYN ******S*
Oct 1 21:23:22 218.146.60.167:2569 -> xxx.yyy.1.8:1433 SYN ******S*
Oct 1 21:23:19 218.146.60.167:2571 -> xxx.yyy.1.10:1433 SYN ******S*
Oct 1 21:23:22 218.146.60.167:2570 -> xxx.yyy.1.9:1433 SYN ******S*
Oct 1 21:23:19 218.146.60.167:2573 -> xxx.yyy.1.12:1433 SYN ******S*
[...]
Oct 1 21:35:00 218.146.60.167:1118 -> xxx.yyy.255.245:1433 SYN ******S*
Oct 1 21:35:00 218.146.60.167:1106 -> xxx.yyy.255.233:1433 SYN ******S*
Oct 1 21:35:00 218.146.60.167:1117 -> xxx.yyy.255.244:1433 SYN ******S*
Oct 1 21:35:00 218.146.60.167:1112 -> xxx.yyy.255.239:1433 SYN ******S*
Oct 1 21:35:00 218.146.60.167:1127 -> xxx.yyy.255.254:1433 SYN ******S*
Oct 1 21:35:00 218.146.60.167:1125 -> xxx.yyy.255.252:1433 SYN ******S*
Oct 1 21:35:00 218.146.60.167:1123 -> xxx.yyy.255.250:1433 SYN ******S*
Oct 1 21:35:00 218.146.60.167:1126 -> xxx.yyy.255.253:1433 SYN ******S*
57379
Oct 1 12:31:25 202.64.185.72:4820 -> xxx.yyy.1.1:20168 SYN ******S*
Oct 1 12:31:27 202.64.185.72:4826 -> xxx.yyy.1.4:20168 SYN ******S*
Oct 1 12:31:27 202.64.185.72:4832 -> xxx.yyy.1.6:20168 SYN ******S*
Oct 1 12:31:25 202.64.185.72:4838 -> xxx.yyy.1.10:20168 SYN ******S*
Oct 1 12:31:25 202.64.185.72:4841 -> xxx.yyy.1.13:20168 SYN ******S*
Oct 1 12:31:26 202.64.185.72:4842 -> xxx.yyy.1.14:20168 SYN ******S*
Oct 1 12:31:25 202.64.185.72:4843 -> xxx.yyy.1.15:20168 SYN ******S*
Oct 1 12:31:25 202.64.185.72:4846 -> xxx.yyy.1.16:20168 SYN ******S*
[...]
Oct 1 12:42:50 202.64.185.72:2388 -> xxx.yyy.255.252:20168 SYN ******S*
Oct 1 12:42:50 202.64.185.72:2385 -> xxx.yyy.255.249:20168 SYN ******S*
Oct 1 12:42:50 202.64.185.72:2382 -> xxx.yyy.255.246:20168 SYN ******S*
Oct 1 12:42:50 202.64.185.72:2386 -> xxx.yyy.255.250:20168 SYN ******S*
Oct 1 12:42:50 202.64.185.72:2389 -> xxx.yyy.255.253:20168 SYN ******S*
Oct 1 12:42:50 202.64.185.72:2387 -> xxx.yyy.255.251:20168 SYN ******S*
Oct 1 12:42:50 202.64.185.72:2384 -> xxx.yyy.255.248:20168 SYN ******S*
Oct 1 12:42:50 202.64.185.72:2383 -> xxx.yyy.255.247:20168 SYN ******S*
45437
Oct 1 12:11:32 211.93.64.5:3339 -> xxx.yyy.1.3:20168 SYN ******S*
Oct 1 12:11:33 211.93.64.5:3341 -> xxx.yyy.1.4:20168 SYN ******S*
Oct 1 12:11:33 211.93.64.5:3345 -> xxx.yyy.1.6:20168 SYN ******S*
Oct 1 12:11:31 211.93.64.5:3347 -> xxx.yyy.1.7:20168 SYN ******S*
Oct 1 12:11:33 211.93.64.5:3349 -> xxx.yyy.1.8:20168 SYN ******S*
Oct 1 12:11:32 211.93.64.5:3355 -> xxx.yyy.1.11:20168 SYN ******S*
Oct 1 12:11:31 211.93.64.5:3359 -> xxx.yyy.1.13:20168 SYN ******S*
Oct 1 12:11:31 211.93.64.5:3385 -> xxx.yyy.1.26:20168 SYN ******S*
[...]
Oct 1 12:23:12 211.93.64.5:3684 -> xxx.yyy.255.228:20168 SYN ******S*
Oct 1 12:23:12 211.93.64.5:3688 -> xxx.yyy.255.230:20168 SYN ******S*
Oct 1 12:23:12 211.93.64.5:3728 -> xxx.yyy.255.250:20168 SYN ******S*
Oct 1 12:23:12 211.93.64.5:3700 -> xxx.yyy.255.236:20168 SYN ******S*
Oct 1 12:23:12 211.93.64.5:3712 -> xxx.yyy.255.242:20168 SYN ******S*
Oct 1 12:23:12 211.93.64.5:3714 -> xxx.yyy.255.243:20168 SYN ******S*
Oct 1 12:23:12 211.93.64.5:3726 -> xxx.yyy.255.249:20168 SYN ******S*
Oct 1 12:23:12 211.93.64.5:3732 -> xxx.yyy.255.252:20168 SYN ******S*
41304
Oct 1 14:42:25 140.123.121.135:2866 -> xxx.yyy.1.1:5900 SYN ******S*
Oct 1 14:42:27 140.123.121.135:2876 -> xxx.yyy.1.10:5900 SYN ******S*
Oct 1 14:42:24 140.123.121.135:2879 -> xxx.yyy.1.13:5900 SYN ******S*
Oct 1 14:42:24 140.123.121.135:2890 -> xxx.yyy.1.24:5900 SYN ******S*
Oct 1 14:42:24 140.123.121.135:2891 -> xxx.yyy.1.25:5900 SYN ******S*
Oct 1 14:42:24 140.123.121.135:2896 -> xxx.yyy.1.29:5900 SYN ******S*
Oct 1 14:42:24 140.123.121.135:2893 -> xxx.yyy.1.27:5900 SYN ******S*
Oct 1 14:42:24 140.123.121.135:2897 -> xxx.yyy.1.30:5900 SYN ******S*
[...]
Oct 1 14:49:06 140.123.121.135:4038 -> xxx.yyy.254.106:5900 SYN ******S*
Oct 1 14:49:06 140.123.121.135:4073 -> xxx.yyy.254.141:5900 SYN ******S*
Oct 1 14:49:06 140.123.121.135:4077 -> xxx.yyy.254.145:5900 SYN ******S*
Oct 1 14:49:06 140.123.121.135:4075 -> xxx.yyy.254.143:5900 SYN ******S*
Oct 1 14:49:06 140.123.121.135:4074 -> xxx.yyy.254.142:5900 SYN ******S*
Oct 1 14:49:06 140.123.121.135:4109 -> xxx.yyy.254.177:5900 SYN ******S*
Oct 1 14:49:06 140.123.121.135:4110 -> xxx.yyy.254.178:5900 SYN ******S*
Oct 1 14:49:06 140.123.121.135:4125 -> xxx.yyy.254.184:5900 SYN ******S*
Oct 1 14:49:06 140.123.121.135:4428 -> xxx.yyy.255.71:5900 SYN ******S*
28223
Oct 1 07:41:25 218.38.13.13:52715 -> xxx.yyy.1.4:6112 SYN ******S*
Oct 1 07:41:25 218.38.13.13:52725 -> xxx.yyy.1.14:6112 SYN ******S*
Oct 1 07:41:25 218.38.13.13:52746 -> xxx.yyy.1.35:6112 SYN ******S*
Oct 1 07:41:25 218.38.13.13:52750 -> xxx.yyy.1.39:6112 SYN ******S*
Oct 1 07:41:25 218.38.13.13:52713 -> xxx.yyy.1.2:6112 SYN ******S*
Oct 1 07:41:25 218.38.13.13:52762 -> xxx.yyy.1.51:6112 SYN ******S*
Oct 1 07:41:25 218.38.13.13:52726 -> xxx.yyy.1.15:6112 SYN ******S*
Oct 1 07:41:25 218.38.13.13:52776 -> xxx.yyy.1.65:6112 SYN ******S*
[...]
Oct 1 07:44:36 218.38.13.13:35719 -> xxx.yyy.254.17:6112 SYN ******S*
Oct 1 07:44:36 218.38.13.13:35723 -> xxx.yyy.254.19:6112 SYN ******S*
Oct 1 07:44:36 218.38.13.13:35724 -> xxx.yyy.254.20:6112 SYN ******S*
Oct 1 07:44:36 218.38.13.13:35731 -> xxx.yyy.254.25:6112 SYN ******S*
Oct 1 07:44:36 218.38.13.13:35703 -> xxx.yyy.254.7:6112 SYN ******S*
Oct 1 07:44:36 218.38.13.13:35708 -> xxx.yyy.254.11:6112 SYN ******S*
Oct 1 07:44:36 218.38.13.13:35728 -> xxx.yyy.254.23:6112 SYN ******S*
Oct 1 07:44:36 218.38.13.13:35714 -> xxx.yyy.254.14:6112 SYN ******S*
Oct 1 07:44:36 218.38.13.13:35730 -> xxx.yyy.254.24:6112 SYN ******S*
17945
Oct 1 22:26:36 219.138.144.8:20271 -> xxx.yyy.1.1:1433 SYN ******S*
Oct 1 22:26:36 219.138.144.8:20277 -> xxx.yyy.1.4:1433 SYN ******S*
Oct 1 22:26:33 219.138.144.8:20287 -> xxx.yyy.1.10:1433 SYN ******S*
Oct 1 22:26:36 219.138.144.8:20288 -> xxx.yyy.1.11:1433 SYN ******S*
Oct 1 22:26:36 219.138.144.8:20291 -> xxx.yyy.1.14:1433 SYN ******S*
Oct 1 22:26:36 219.138.144.8:20302 -> xxx.yyy.1.20:1433 SYN ******S*
Oct 1 22:26:36 219.138.144.8:20304 -> xxx.yyy.1.21:1433 SYN ******S*
Oct 1 22:26:34 219.138.144.8:20310 -> xxx.yyy.1.25:1433 SYN ******S*
[...]
Oct 1 23:50:58 219.138.144.8:61504 -> xxx.yyy.111.252:1433 SYN ******S*
Oct 1 23:50:58 219.138.144.8:61497 -> xxx.yyy.111.245:1433 SYN ******S*
Oct 1 23:50:59 219.138.144.8:61498 -> xxx.yyy.111.246:1433 SYN ******S*
Oct 1 23:50:59 219.138.144.8:61501 -> xxx.yyy.111.249:1433 SYN ******S*
Oct 1 23:50:59 219.138.144.8:61505 -> xxx.yyy.111.253:1433 SYN ******S*
Oct 1 23:51:03 219.138.144.8:61512 -> xxx.yyy.111.255:1433 SYN ******S*
Oct 1 23:51:07 219.138.144.8:61511 -> xxx.yyy.111.254:1433 SYN ******S*
Oct 1 23:51:13 219.138.144.8:61511 -> xxx.yyy.111.254:1433 SYN ******S*
15439
Oct 1 23:49:33 222.117.38.12:3772 -> xxx.yyy.236.80:5554 SYN ******S*
Oct 1 23:49:34 222.117.38.12:3980 -> xxx.yyy.236.80:1023 SYN ******S*
Oct 1 23:49:36 222.117.38.12:4426 -> xxx.yyy.236.80:9898 SYN ******S*
Oct 1 23:49:33 222.117.38.12:3773 -> xxx.yyy.236.81:5554 SYN ******S*
Oct 1 23:49:34 222.117.38.12:3981 -> xxx.yyy.236.81:1023 SYN ******S*
Oct 1 23:49:36 222.117.38.12:4427 -> xxx.yyy.236.81:9898 SYN ******S*
Oct 1 23:49:33 222.117.38.12:3774 -> xxx.yyy.236.82:5554 SYN ******S*
Oct 1 23:49:34 222.117.38.12:3982 -> xxx.yyy.236.82:1023 SYN ******S*
[...]
Oct 1 23:51:14 222.117.38.12:4263 -> xxx.yyy.237.98:9898 SYN ******S*
Oct 1 23:51:14 222.117.38.12:4265 -> xxx.yyy.237.107:9898 SYN ******S*
Oct 1 23:51:14 222.117.38.12:4286 -> xxx.yyy.237.113:9898 SYN ******S*
Oct 1 23:51:14 222.117.38.12:4266 -> xxx.yyy.237.108:9898 SYN ******S*
Oct 1 23:51:14 222.117.38.12:4269 -> xxx.yyy.237.111:9898 SYN ******S*
Oct 1 23:51:14 222.117.38.12:4260 -> xxx.yyy.237.104:9898 SYN ******S*
Oct 1 23:51:14 222.117.38.12:4264 -> xxx.yyy.237.106:9898 SYN ******S*
Oct 1 23:51:14 222.117.38.12:4285 -> xxx.yyy.237.105:9898 SYN ******S*
Oct 1 23:51:14 222.117.38.12:4287 -> xxx.yyy.237.90:9898 SYN ******S*
12280
Oct 1 23:52:13 220.117.162.205:1801 -> xxx.yyy.236.76:5554 SYN ******S*
Oct 1 23:52:14 220.117.162.205:2243 -> xxx.yyy.236.76:1023 SYN ******S*
Oct 1 23:52:16 220.117.162.205:3059 -> xxx.yyy.236.76:9898 SYN ******S*
Oct 1 23:52:14 220.117.162.205:1808 -> xxx.yyy.236.83:5554 SYN ******S*
Oct 1 23:52:15 220.117.162.205:2271 -> xxx.yyy.236.83:1023 SYN ******S*
Oct 1 23:52:16 220.117.162.205:3092 -> xxx.yyy.236.83:9898 SYN ******S*
Oct 1 23:52:14 220.117.162.205:1810 -> xxx.yyy.236.85:5554 SYN ******S*
Oct 1 23:52:15 220.117.162.205:2279 -> xxx.yyy.236.85:1023 SYN ******S*
[...]
Oct 1 23:53:01 220.117.162.205:1645 -> xxx.yyy.255.245:9898 SYN ******S*
Oct 1 23:53:01 220.117.162.205:1649 -> xxx.yyy.255.249:9898 SYN ******S*
Oct 1 23:53:01 220.117.162.205:1647 -> xxx.yyy.255.247:9898 SYN ******S*
Oct 1 23:53:01 220.117.162.205:1648 -> xxx.yyy.255.248:9898 SYN ******S*
Oct 1 23:53:01 220.117.162.205:1652 -> xxx.yyy.255.252:9898 SYN ******S*
Oct 1 23:53:01 220.117.162.205:1651 -> xxx.yyy.255.251:9898 SYN ******S*
Oct 1 23:53:01 220.117.162.205:1650 -> xxx.yyy.255.250:9898 SYN ******S*
Oct 1 23:53:01 220.117.162.205:1653 -> xxx.yyy.255.253:9898 SYN ******S*
Oct 1 23:53:01 220.117.162.205:1654 -> xxx.yyy.255.254:9898 SYN ******S*
12078
[...]
11926
Oct 1 16:12:18 69.194.204.4:22002 -> xxx.yyy.1.0:1080 SYN ******S*
Oct 1 16:12:18 69.194.204.4:22002 -> xxx.yyy.1.0:10080 SYN ******S*
Oct 1 16:12:18 69.194.204.4:22002 -> xxx.yyy.1.1:3127 SYN ******S*
Oct 1 16:12:18 69.194.204.4:22002 -> xxx.yyy.1.1:1080 SYN ******S*
Oct 1 16:12:18 69.194.204.4:22002 -> xxx.yyy.1.1:10080 SYN ******S*
Oct 1 16:12:19 69.194.204.4:22002 -> xxx.yyy.1.2:3127 SYN ******S*
Oct 1 16:12:19 69.194.204.4:22002 -> xxx.yyy.1.2:1080 SYN ******S*
Oct 1 16:12:19 69.194.204.4:22002 -> xxx.yyy.1.2:10080 SYN ******S*
[...]
Oct 1 18:08:54 69.194.204.4:22002 -> xxx.yyy.68.45:1080 SYN ******S*
Oct 1 18:08:54 69.194.204.4:22002 -> xxx.yyy.68.45:10080 SYN ******S*
Oct 1 18:08:54 69.194.204.4:22002 -> xxx.yyy.68.46:3127 SYN ******S*
Oct 1 18:08:55 69.194.204.4:22002 -> xxx.yyy.68.46:1080 SYN ******S*
Oct 1 18:08:55 69.194.204.4:22002 -> xxx.yyy.68.46:10080 SYN ******S*
Oct 1 18:08:55 69.194.204.4:22002 -> xxx.yyy.68.46:3128 SYN ******S*
Oct 1 18:08:55 69.194.204.4:22002 -> xxx.yyy.68.47:3127 SYN ******S*
Oct 1 18:08:55 69.194.204.4:22002 -> xxx.yyy.68.47:1080 SYN ******S*
Oct 1 18:08:55 69.194.204.4:22002 -> xxx.yyy.68.47:3128 SYN ******S*
11908
Oct 1 19:14:35 200.161.183.136:4594 -> xxx.yyy.1.0:3127 SYN ******S*
Oct 1 19:14:33 200.161.183.136:4592 -> xxx.yyy.1.0:901 SYN ******S*
Oct 1 19:14:35 200.161.183.136:4593 -> xxx.yyy.1.0:12345 SYN ******S*
Oct 1 19:14:34 200.161.183.136:4595 -> xxx.yyy.1.1:3410 SYN ******S*
Oct 1 19:14:36 200.161.183.136:4596 -> xxx.yyy.1.1:3127 SYN ******S*
Oct 1 19:14:34 200.161.183.136:4598 -> xxx.yyy.1.1:901 SYN ******S*
Oct 1 19:14:36 200.161.183.136:4599 -> xxx.yyy.1.1:12345 SYN ******S*
Oct 1 19:14:35 200.161.183.136:4603 -> xxx.yyy.1.2:901 SYN ******S*
[...]
Oct 1 22:01:51 200.161.183.136:4125 -> xxx.yyy.14.47:3410 SYN ******S*
Oct 1 22:01:52 200.161.183.136:4137 -> xxx.yyy.14.49:3410 SYN ******S*
Oct 1 22:01:52 200.161.183.136:4139 -> xxx.yyy.14.49:3127 SYN ******S*
Oct 1 22:01:52 200.161.183.136:4140 -> xxx.yyy.14.49:901 SYN ******S*
Oct 1 22:01:52 200.161.183.136:4141 -> xxx.yyy.14.49:12345 SYN ******S*
Oct 1 22:01:52 200.161.183.136:4134 -> xxx.yyy.14.48:12345 SYN ******S*
Oct 1 22:01:52 200.161.183.136:4133 -> xxx.yyy.14.48:901 SYN ******S*
Oct 1 22:01:52 200.161.183.136:4132 -> xxx.yyy.14.48:3127 SYN ******S*
Oct 1 22:01:52 200.161.183.136:4130 -> xxx.yyy.14.48:3410 SYN ******S*
11765
Oct 1 23:54:42 219.167.203.188:4659 -> xxx.yyy.235.116:5554 SYN ******S*
Oct 1 23:54:43 219.167.203.188:4231 -> xxx.yyy.235.116:1023 SYN ******S*
Oct 1 23:54:45 219.167.203.188:2840 -> xxx.yyy.235.116:9898 SYN ******S*
Oct 1 23:54:42 219.167.203.188:4637 -> xxx.yyy.235.114:5554 SYN ******S*
Oct 1 23:54:43 219.167.203.188:4050 -> xxx.yyy.235.114:1023 SYN ******S*
Oct 1 23:54:45 219.167.203.188:2826 -> xxx.yyy.235.114:9898 SYN ******S*
Oct 1 23:54:42 219.167.203.188:4872 -> xxx.yyy.235.119:5554 SYN ******S*
Oct 1 23:54:43 219.167.203.188:1315 -> xxx.yyy.235.119:1023 SYN ******S*
[...]
Oct 1 23:55:28 219.167.203.188:3310 -> xxx.yyy.255.137:9898 SYN ******S*
Oct 1 23:55:28 219.167.203.188:3462 -> xxx.yyy.255.140:9898 SYN ******S*
Oct 1 23:55:28 219.167.203.188:3495 -> xxx.yyy.255.141:9898 SYN ******S*
Oct 1 23:55:28 219.167.203.188:3768 -> xxx.yyy.255.142:9898 SYN ******S*
Oct 1 23:55:28 219.167.203.188:1256 -> xxx.yyy.255.150:9898 SYN ******S*
Oct 1 23:55:28 219.167.203.188:3465 -> xxx.yyy.255.203:9898 SYN ******S*
Oct 1 23:55:28 219.167.203.188:4855 -> xxx.yyy.255.226:9898 SYN ******S*
Oct 1 23:55:28 219.167.203.188:4865 -> xxx.yyy.255.228:9898 SYN ******S*
Oct 1 23:55:28 219.167.203.188:4881 -> xxx.yyy.255.229:9898 SYN ******S*
11292
[...]
10244
Oct 1 00:18:04 60.35.121.108:1087 -> xxx.yyy.174.222:5554 SYN ******S*
Oct 1 00:18:04 60.35.121.108:1088 -> xxx.yyy.174.223:5554 SYN ******S*
Oct 1 00:18:05 60.35.121.108:1499 -> xxx.yyy.174.223:1023 SYN ******S*
Oct 1 00:18:07 60.35.121.108:2438 -> xxx.yyy.174.223:9898 SYN ******S*
Oct 1 00:18:04 60.35.121.108:1106 -> xxx.yyy.174.227:5554 SYN ******S*
Oct 1 00:18:05 60.35.121.108:1510 -> xxx.yyy.174.227:1023 SYN ******S*
Oct 1 00:18:07 60.35.121.108:2464 -> xxx.yyy.174.227:9898 SYN ******S*
Oct 1 00:18:04 60.35.121.108:1109 -> xxx.yyy.174.230:5554 SYN ******S*
[...]
Oct 1 00:19:02 60.35.121.108:3358 -> xxx.yyy.194.239:9898 SYN ******S*
Oct 1 00:19:02 60.35.121.108:3367 -> xxx.yyy.194.242:9898 SYN ******S*
Oct 1 00:19:02 60.35.121.108:3370 -> xxx.yyy.194.246:9898 SYN ******S*
Oct 1 00:19:02 60.35.121.108:3463 -> xxx.yyy.195.5:9898 SYN ******S*
Oct 1 00:19:02 60.35.121.108:3467 -> xxx.yyy.195.7:9898 SYN ******S*
Oct 1 00:19:03 60.35.121.108:3709 -> xxx.yyy.195.55:9898 SYN ******S*
Oct 1 00:19:03 60.35.121.108:3726 -> xxx.yyy.195.61:9898 SYN ******S*
Oct 1 00:19:03 60.35.121.108:3783 -> xxx.yyy.195.67:9898 SYN ******S*
Oct 1 00:19:03 60.35.121.108:3790 -> xxx.yyy.195.66:9898 SYN ******S*
9026
Oct 1 23:55:42 221.153.27.37:1725 -> xxx.yyy.235.112:5554 SYN ******S*
Oct 1 23:55:43 221.153.27.37:2488 -> xxx.yyy.235.112:1023 SYN ******S*
Oct 1 23:55:45 221.153.27.37:4265 -> xxx.yyy.235.112:9898 SYN ******S*
Oct 1 23:55:42 221.153.27.37:1834 -> xxx.yyy.235.123:5554 SYN ******S*
Oct 1 23:55:43 221.153.27.37:2610 -> xxx.yyy.235.123:1023 SYN ******S*
Oct 1 23:55:45 221.153.27.37:4302 -> xxx.yyy.235.123:9898 SYN ******S*
Oct 1 23:55:42 221.153.27.37:1833 -> xxx.yyy.235.122:5554 SYN ******S*
Oct 1 23:55:43 221.153.27.37:2606 -> xxx.yyy.235.122:1023 SYN ******S*
[...]
Oct 1 23:56:29 221.153.27.37:4961 -> xxx.yyy.255.174:9898 SYN ******S*
Oct 1 23:56:29 221.153.27.37:4998 -> xxx.yyy.255.178:9898 SYN ******S*
Oct 1 23:56:29 221.153.27.37:4988 -> xxx.yyy.255.176:9898 SYN ******S*
Oct 1 23:56:29 221.153.27.37:4978 -> xxx.yyy.255.168:9898 SYN ******S*
Oct 1 23:56:29 221.153.27.37:1047 -> xxx.yyy.255.156:9898 SYN ******S*
Oct 1 23:56:29 221.153.27.37:1054 -> xxx.yyy.255.157:9898 SYN ******S*
Oct 1 23:56:29 221.153.27.37:1153 -> xxx.yyy.255.200:9898 SYN ******S*
Oct 1 23:56:29 221.153.27.37:1139 -> xxx.yyy.255.202:9898 SYN ******S*
Oct 1 23:56:30 221.153.27.37:1454 -> xxx.yyy.255.232:9898 SYN ******S*
8960
Oct 1 23:54:40 218.156.193.140:2390 -> xxx.yyy.236.79:5554 SYN ******S*
Oct 1 23:54:43 218.156.193.140:1075 -> xxx.yyy.236.79:9898 SYN ******S*
Oct 1 23:54:40 218.156.193.140:2397 -> xxx.yyy.236.76:5554 SYN ******S*
Oct 1 23:54:43 218.156.193.140:1065 -> xxx.yyy.236.76:9898 SYN ******S*
Oct 1 23:54:40 218.156.193.140:2387 -> xxx.yyy.236.77:5554 SYN ******S*
Oct 1 23:54:41 218.156.193.140:3139 -> xxx.yyy.236.77:1023 SYN ******S*
Oct 1 23:54:43 218.156.193.140:1068 -> xxx.yyy.236.77:9898 SYN ******S*
Oct 1 23:54:40 218.156.193.140:2399 -> xxx.yyy.236.80:5554 SYN ******S*
[...]
Oct 1 23:55:20 218.156.193.140:1549 -> xxx.yyy.255.246:9898 SYN ******S*
Oct 1 23:55:20 218.156.193.140:1567 -> xxx.yyy.255.248:9898 SYN ******S*
Oct 1 23:55:20 218.156.193.140:1571 -> xxx.yyy.255.249:9898 SYN ******S*
Oct 1 23:55:20 218.156.193.140:1576 -> xxx.yyy.255.251:9898 SYN ******S*
Oct 1 23:55:20 218.156.193.140:1562 -> xxx.yyy.255.247:9898 SYN ******S*
Oct 1 23:55:20 218.156.193.140:1575 -> xxx.yyy.255.250:9898 SYN ******S*
Oct 1 23:55:20 218.156.193.140:1584 -> xxx.yyy.255.252:9898 SYN ******S*
Oct 1 23:55:20 218.156.193.140:1586 -> xxx.yyy.255.253:9898 SYN ******S*
Oct 1 23:55:20 218.156.193.140:1587 -> xxx.yyy.255.254:9898 SYN ******S*
8291
Oct 1 00:56:24 61.55.212.14:4763 -> xxx.yyy.174.5:5554 SYN ******S*
Oct 1 00:56:25 61.55.212.14:1375 -> xxx.yyy.174.5:1023 SYN ******S*
Oct 1 00:56:24 61.55.212.14:4811 -> xxx.yyy.174.8:5554 SYN ******S*
Oct 1 00:56:25 61.55.212.14:1391 -> xxx.yyy.174.8:1023 SYN ******S*
Oct 1 00:56:27 61.55.212.14:2380 -> xxx.yyy.174.8:9898 SYN ******S*
Oct 1 00:56:24 61.55.212.14:4810 -> xxx.yyy.174.7:5554 SYN ******S*
Oct 1 00:56:25 61.55.212.14:1390 -> xxx.yyy.174.7:1023 SYN ******S*
Oct 1 00:56:24 61.55.212.14:4809 -> xxx.yyy.174.6:5554 SYN ******S*
[...]
Oct 1 00:57:12 61.55.212.14:2580 -> xxx.yyy.194.110:9898 SYN ******S*
Oct 1 00:57:12 61.55.212.14:2581 -> xxx.yyy.194.111:9898 SYN ******S*
Oct 1 00:57:12 61.55.212.14:2582 -> xxx.yyy.194.112:9898 SYN ******S*
Oct 1 00:57:12 61.55.212.14:2592 -> xxx.yyy.194.113:9898 SYN ******S*
Oct 1 00:57:12 61.55.212.14:2593 -> xxx.yyy.194.114:9898 SYN ******S*
Oct 1 00:57:12 61.55.212.14:2595 -> xxx.yyy.194.116:9898 SYN ******S*
Oct 1 00:57:12 61.55.212.14:2609 -> xxx.yyy.194.120:9898 SYN ******S*
Oct 1 00:57:13 61.55.212.14:2618 -> xxx.yyy.194.121:9898 SYN ******S*
8276
Oct 1 00:56:08 218.25.61.131:1789 -> xxx.yyy.214.249:5554 SYN ******S*
Oct 1 00:56:10 218.25.61.131:2945 -> xxx.yyy.214.249:1023 SYN ******S*
Oct 1 00:56:08 218.25.61.131:1793 -> xxx.yyy.214.255:5554 SYN ******S*
Oct 1 00:56:10 218.25.61.131:2942 -> xxx.yyy.214.255:1023 SYN ******S*
Oct 1 00:56:08 218.25.61.131:1790 -> xxx.yyy.214.250:5554 SYN ******S*
Oct 1 00:56:10 218.25.61.131:2944 -> xxx.yyy.214.250:1023 SYN ******S*
Oct 1 00:56:08 218.25.61.131:1797 -> xxx.yyy.215.6:5554 SYN ******S*
Oct 1 00:56:10 218.25.61.131:2939 -> xxx.yyy.215.6:1023 SYN ******S*
[...]
Oct 1 00:57:12 218.25.61.131:3057 -> xxx.yyy.235.94:9898 SYN ******S*
Oct 1 00:57:12 218.25.61.131:3067 -> xxx.yyy.235.95:9898 SYN ******S*
Oct 1 00:57:12 218.25.61.131:3109 -> xxx.yyy.235.97:9898 SYN ******S*
Oct 1 00:57:12 218.25.61.131:3124 -> xxx.yyy.235.88:9898 SYN ******S*
Oct 1 00:57:12 218.25.61.131:3222 -> xxx.yyy.235.110:9898 SYN ******S*
Oct 1 00:57:12 218.25.61.131:3237 -> xxx.yyy.235.99:9898 SYN ******S*
Oct 1 00:57:12 218.25.61.131:3283 -> xxx.yyy.235.102:9898 SYN ******S*
Oct 1 00:57:12 218.25.61.131:3285 -> xxx.yyy.235.103:9898 SYN ******S*
Oct 1 00:57:12 218.25.61.131:3286 -> xxx.yyy.235.105:9898 SYN ******S*
8119
Oct 1 00:00:12 24.225.171.36:34147 -> xxx.yyy.81.85:3394 INVALIDACK ***A*R*F
Oct 1 00:00:14 24.225.171.36:34147 -> xxx.yyy.81.85:3408 INVALIDACK ***A*R*F
Oct 1 00:00:17 24.225.171.36:34147 -> xxx.yyy.81.85:3408 INVALIDACK ***A*R*F
Oct 1 00:00:18 24.225.171.36:34147 -> xxx.yyy.81.85:3394 INVALIDACK ***A*R*F
Oct 1 00:00:43 24.225.171.36:34147 -> xxx.yyy.81.85:3485 INVALIDACK ***A*R*F
Oct 1 00:00:49 24.225.171.36:34147 -> xxx.yyy.81.85:3485 INVALIDACK ***A*R*F
Oct 1 00:01:17 24.225.171.36:34147 -> xxx.yyy.81.85:3527 INVALIDACK ***A*R*F
Oct 1 00:01:40 24.225.171.36:34147 -> xxx.yyy.81.85:3608 INVALIDACK ***A*R*F
[...]
Oct 1 23:58:23 24.225.171.36:34147 -> xxx.yyy.81.85:3817 INVALIDACK ***A*R*F
Oct 1 23:58:43 24.225.171.36:34147 -> xxx.yyy.81.85:3883 INVALIDACK ***A*R*F
Oct 1 23:58:49 24.225.171.36:34147 -> xxx.yyy.81.85:3883 INVALIDACK ***A*R*F
Oct 1 23:58:59 24.225.171.36:34147 -> xxx.yyy.81.85:3936 INVALIDACK ***A*R*F
Oct 1 23:59:28 24.225.171.36:34147 -> xxx.yyy.81.85:3996 INVALIDACK ***A*R*F
Oct 1 23:59:34 24.225.171.36:34147 -> xxx.yyy.81.85:3996 INVALIDACK ***A*R*F
Oct 1 23:59:46 24.225.171.36:34147 -> xxx.yyy.81.85:4055 INVALIDACK ***A*R*F
Oct 1 23:59:52 24.225.171.36:34147 -> xxx.yyy.81.85:4055 INVALIDACK ***A*R*F
Oct 1 23:59:58 24.225.171.36:34147 -> xxx.yyy.81.85:4089 INVALIDACK ***A*R*F
7989
Oct 1 01:51:01 164.77.105.217:3084 -> xxx.yyy.1.0:1433 SYN ******S*
Oct 1 01:51:01 164.77.105.217:3085 -> xxx.yyy.1.1:1433 SYN ******S*
Oct 1 01:51:01 164.77.105.217:3086 -> xxx.yyy.1.2:1433 SYN ******S*
Oct 1 01:51:01 164.77.105.217:3087 -> xxx.yyy.1.3:1433 SYN ******S*
Oct 1 01:51:01 164.77.105.217:3088 -> xxx.yyy.1.4:1433 SYN ******S*
Oct 1 01:51:01 164.77.105.217:3089 -> xxx.yyy.1.5:1433 SYN ******S*
Oct 1 01:51:01 164.77.105.217:3090 -> xxx.yyy.1.6:1433 SYN ******S*
Oct 1 01:51:01 164.77.105.217:3091 -> xxx.yyy.1.7:1433 SYN ******S*
[...]
Oct 1 02:48:07 164.77.105.217:4008 -> xxx.yyy.64.190:1433 SYN ******S*
Oct 1 02:48:07 164.77.105.217:4009 -> xxx.yyy.64.191:1433 SYN ******S*
Oct 1 02:48:08 164.77.105.217:3923 -> xxx.yyy.64.137:1433 SYN ******S*
Oct 1 02:48:08 164.77.105.217:4012 -> xxx.yyy.64.192:1433 SYN ******S*
Oct 1 02:48:08 164.77.105.217:4013 -> xxx.yyy.64.193:1433 SYN ******S*
Oct 1 02:48:08 164.77.105.217:4014 -> xxx.yyy.64.194:1433 SYN ******S*
Oct 1 02:48:08 164.77.105.217:3926 -> xxx.yyy.64.138:1433 SYN ******S*
Oct 1 02:48:08 164.77.105.217:3928 -> xxx.yyy.64.139:1433 SYN ******S*
Oct 1 02:48:08 164.77.105.217:4015 -> xxx.yyy.64.195:1433 SYN ******S*
7904
Oct 1 12:56:18 64.229.236.48:4428 -> xxx.yyy.133.44:5554 SYN ******S*
Oct 1 12:56:19 64.229.236.48:1060 -> xxx.yyy.133.44:1023 SYN ******S*
Oct 1 12:56:18 64.229.236.48:4429 -> xxx.yyy.133.43:5554 SYN ******S*
Oct 1 12:56:19 64.229.236.48:4922 -> xxx.yyy.133.43:1023 SYN ******S*
Oct 1 12:56:21 64.229.236.48:2006 -> xxx.yyy.133.43:9898 SYN ******S*
Oct 1 12:56:18 64.229.236.48:4440 -> xxx.yyy.133.41:5554 SYN ******S*
Oct 1 12:56:19 64.229.236.48:1061 -> xxx.yyy.133.41:1023 SYN ******S*
Oct 1 12:56:18 64.229.236.48:4441 -> xxx.yyy.133.40:5554 SYN ******S*
[...]
Oct 1 12:58:11 64.229.236.48:3136 -> xxx.yyy.153.103:9898 SYN ******S*
Oct 1 12:58:11 64.229.236.48:3146 -> xxx.yyy.153.106:9898 SYN ******S*
Oct 1 12:58:11 64.229.236.48:3149 -> xxx.yyy.153.108:9898 SYN ******S*
Oct 1 12:58:11 64.229.236.48:3150 -> xxx.yyy.153.109:9898 SYN ******S*
Oct 1 12:58:11 64.229.236.48:3151 -> xxx.yyy.153.110:9898 SYN ******S*
Oct 1 12:58:11 64.229.236.48:3398 -> xxx.yyy.153.112:9898 SYN ******S*
Oct 1 12:58:12 64.229.236.48:3747 -> xxx.yyy.153.114:9898 SYN ******S*
Oct 1 12:58:12 64.229.236.48:3748 -> xxx.yyy.153.115:9898 SYN ******S*
Oct 1 12:58:12 64.229.236.48:3791 -> xxx.yyy.153.135:9898 SYN ******S*
7729
Oct 1 01:00:17 218.76.23.150:2703 -> xxx.yyy.154.154:5554 SYN ******S*
Oct 1 01:00:17 218.76.23.150:2705 -> xxx.yyy.154.155:5554 SYN ******S*
Oct 1 01:00:18 218.76.23.150:3101 -> xxx.yyy.154.155:1023 SYN ******S*
Oct 1 01:00:17 218.76.23.150:2713 -> xxx.yyy.154.111:5554 SYN ******S*
Oct 1 01:00:18 218.76.23.150:3007 -> xxx.yyy.154.111:1023 SYN ******S*
Oct 1 01:00:17 218.76.23.150:2689 -> xxx.yyy.154.116:5554 SYN ******S*
Oct 1 01:00:20 218.76.23.150:3735 -> xxx.yyy.154.116:9898 SYN ******S*
Oct 1 01:00:17 218.76.23.150:2684 -> xxx.yyy.154.100:5554 SYN ******S*
[...]
Oct 1 01:02:32 218.76.23.150:2817 -> xxx.yyy.155.250:9898 SYN ******S*
Oct 1 01:02:32 218.76.23.150:2704 -> xxx.yyy.155.233:9898 SYN ******S*
Oct 1 01:02:32 218.76.23.150:2723 -> xxx.yyy.155.235:9898 SYN ******S*
Oct 1 01:02:32 218.76.23.150:2725 -> xxx.yyy.155.237:9898 SYN ******S*
Oct 1 01:02:32 218.76.23.150:2722 -> xxx.yyy.155.234:9898 SYN ******S*
Oct 1 01:02:32 218.76.23.150:2732 -> xxx.yyy.156.7:9898 SYN ******S*
Oct 1 01:02:32 218.76.23.150:3067 -> xxx.yyy.156.24:9898 SYN ******S*
Oct 1 01:02:32 218.76.23.150:3059 -> xxx.yyy.155.241:9898 SYN ******S*
Oct 1 01:02:32 218.76.23.150:2887 -> xxx.yyy.155.251:9898 SYN ******S*
7036
--
- Ken
===========================================================================
Ken Connelly (KC152) Systems and Operations Manager, ITS - Network Services
University of Northern Iowa Cedar Falls, IA 50614-0121
email: Ken.Connelly at uni.edu phone: (319) 273-5850 fax: (319) 273-7373
More information about the Intrusions
mailing list