[Intrusions] [LOGS] Summary of large-scale portscanning detects
Ken.Connelly at uni.edu
Ken.Connelly at uni.edu
Sun Oct 3 20:39:28 GMT 2004
The following extracts show the beginning and ending of scan activity
was detected on my network. The number following each set is the total
number of probes for that source. Timestamps are GMT-0500.
Oct 2 08:48:29 62.141.58.107:3277 -> xxx.yyy.1.0:21 SYN ******S*
Oct 2 08:48:29 62.141.58.107:3282 -> xxx.yyy.1.1:21 SYN ******S*
Oct 2 08:48:29 62.141.58.107:3287 -> xxx.yyy.1.2:21 SYN ******S*
Oct 2 08:48:29 62.141.58.107:3292 -> xxx.yyy.1.3:21 SYN ******S*
Oct 2 08:48:29 62.141.58.107:3297 -> xxx.yyy.1.4:21 SYN ******S*
Oct 2 08:48:29 62.141.58.107:3302 -> xxx.yyy.1.5:21 SYN ******S*
Oct 2 08:48:29 62.141.58.107:3307 -> xxx.yyy.1.6:21 SYN ******S*
Oct 2 08:48:29 62.141.58.107:3312 -> xxx.yyy.1.7:21 SYN ******S*
[...]
Oct 2 09:06:30 62.141.58.107:1264 -> xxx.yyy.255.246:21 SYN ******S*
Oct 2 09:06:30 62.141.58.107:1262 -> xxx.yyy.255.245:21 SYN ******S*
Oct 2 09:06:30 62.141.58.107:1260 -> xxx.yyy.255.244:21 SYN ******S*
Oct 2 09:06:30 62.141.58.107:1276 -> xxx.yyy.255.252:21 SYN ******S*
Oct 2 09:06:30 62.141.58.107:1274 -> xxx.yyy.255.251:21 SYN ******S*
Oct 2 09:06:30 62.141.58.107:1272 -> xxx.yyy.255.250:21 SYN ******S*
Oct 2 09:06:30 62.141.58.107:1270 -> xxx.yyy.255.249:21 SYN ******S*
Oct 2 09:06:30 62.141.58.107:1278 -> xxx.yyy.255.253:21 SYN ******S*
Oct 2 09:06:30 62.141.58.107:1280 -> xxx.yyy.255.254:21 SYN ******S*
119213
Oct 2 03:11:30 206.13.56.94:2907 -> xxx.yyy.1.54:1433 SYN ******S*
Oct 2 03:11:30 206.13.56.94:2911 -> xxx.yyy.1.53:1433 SYN ******S*
Oct 2 03:11:31 206.13.56.94:2917 -> xxx.yyy.1.52:1433 SYN ******S*
Oct 2 03:11:31 206.13.56.94:2922 -> xxx.yyy.1.51:1433 SYN ******S*
Oct 2 03:11:31 206.13.56.94:2925 -> xxx.yyy.1.50:1433 SYN ******S*
Oct 2 03:11:28 206.13.56.94:2929 -> xxx.yyy.1.49:1433 SYN ******S*
Oct 2 03:11:31 206.13.56.94:2934 -> xxx.yyy.1.48:1433 SYN ******S*
Oct 2 03:11:31 206.13.56.94:2937 -> xxx.yyy.1.47:1433 SYN ******S*
[...]
Oct 2 03:26:23 206.13.56.94:3582 -> xxx.yyy.255.209:1433 SYN ******S*
Oct 2 03:26:23 206.13.56.94:3587 -> xxx.yyy.255.210:1433 SYN ******S*
Oct 2 03:26:23 206.13.56.94:3597 -> xxx.yyy.255.212:1433 SYN ******S*
Oct 2 03:26:24 206.13.56.94:3602 -> xxx.yyy.255.213:1433 SYN ******S*
Oct 2 03:26:24 206.13.56.94:3612 -> xxx.yyy.255.215:1433 SYN ******S*
Oct 2 03:26:24 206.13.56.94:3617 -> xxx.yyy.255.216:1433 SYN ******S*
Oct 2 03:26:24 206.13.56.94:3622 -> xxx.yyy.255.217:1433 SYN ******S*
Oct 2 03:26:24 206.13.56.94:3627 -> xxx.yyy.255.218:1433 SYN ******S*
65176
Oct 2 18:26:11 209.39.253.242:1082 -> xxx.yyy.1.0:4000 SYN ******S*
Oct 2 18:26:11 209.39.253.242:1083 -> xxx.yyy.1.1:4000 SYN ******S*
Oct 2 18:26:11 209.39.253.242:1084 -> xxx.yyy.1.2:4000 SYN ******S*
Oct 2 18:26:11 209.39.253.242:1085 -> xxx.yyy.1.3:4000 SYN ******S*
Oct 2 18:26:13 209.39.253.242:1086 -> xxx.yyy.1.4:4000 SYN ******S*
Oct 2 18:26:13 209.39.253.242:1087 -> xxx.yyy.1.5:4000 SYN ******S*
Oct 2 18:26:10 209.39.253.242:1088 -> xxx.yyy.1.6:4000 SYN ******S*
Oct 2 18:26:13 209.39.253.242:1089 -> xxx.yyy.1.7:4000 SYN ******S*
[...]
Oct 2 18:38:23 209.39.253.242:1437 -> xxx.yyy.255.243:4000 SYN ******S*
Oct 2 18:38:23 209.39.253.242:1434 -> xxx.yyy.255.240:4000 SYN ******S*
Oct 2 18:38:23 209.39.253.242:1448 -> xxx.yyy.255.253:4000 SYN ******S*
Oct 2 18:38:23 209.39.253.242:1445 -> xxx.yyy.255.250:4000 SYN ******S*
Oct 2 18:38:23 209.39.253.242:1449 -> xxx.yyy.255.254:4000 SYN ******S*
Oct 2 18:38:23 209.39.253.242:1443 -> xxx.yyy.255.248:4000 SYN ******S*
Oct 2 18:38:23 209.39.253.242:1447 -> xxx.yyy.255.252:4000 SYN ******S*
Oct 2 18:38:23 209.39.253.242:1444 -> xxx.yyy.255.249:4000 SYN ******S*
63926
Oct 2 21:47:24 208.40.36.216:4094 -> xxx.yyy.1.1:1433 SYN ******S*
Oct 2 21:47:24 208.40.36.216:4096 -> xxx.yyy.1.3:1433 SYN ******S*
Oct 2 21:47:24 208.40.36.216:4097 -> xxx.yyy.1.4:1433 SYN ******S*
Oct 2 21:47:24 208.40.36.216:4098 -> xxx.yyy.1.5:1433 SYN ******S*
Oct 2 21:47:24 208.40.36.216:4099 -> xxx.yyy.1.6:1433 SYN ******S*
Oct 2 21:47:21 208.40.36.216:4101 -> xxx.yyy.1.7:1433 SYN ******S*
Oct 2 21:47:24 208.40.36.216:4102 -> xxx.yyy.1.8:1433 SYN ******S*
Oct 2 21:47:24 208.40.36.216:4103 -> xxx.yyy.1.9:1433 SYN ******S*
[...]
Oct 2 21:59:05 208.40.36.216:4383 -> xxx.yyy.255.189:1433 SYN ******S*
Oct 2 21:59:05 208.40.36.216:4380 -> xxx.yyy.255.186:1433 SYN ******S*
Oct 2 21:59:05 208.40.36.216:4384 -> xxx.yyy.255.190:1433 SYN ******S*
Oct 2 21:59:05 208.40.36.216:4382 -> xxx.yyy.255.188:1433 SYN ******S*
Oct 2 21:59:05 208.40.36.216:4390 -> xxx.yyy.255.196:1433 SYN ******S*
Oct 2 21:59:05 208.40.36.216:4391 -> xxx.yyy.255.197:1433 SYN ******S*
Oct 2 21:59:05 208.40.36.216:4402 -> xxx.yyy.255.208:1433 SYN ******S*
Oct 2 21:59:05 208.40.36.216:4427 -> xxx.yyy.255.233:1433 SYN ******S*
Oct 2 21:59:05 208.40.36.216:4469 -> xxx.yyy.255.248:1433 SYN ******S*
62632
Oct 2 17:34:56 208.62.7.125:3573 -> xxx.yyy.1.1:1433 SYN ******S*
Oct 2 17:34:56 208.62.7.125:3574 -> xxx.yyy.1.2:1433 SYN ******S*
Oct 2 17:34:56 208.62.7.125:3576 -> xxx.yyy.1.4:1433 SYN ******S*
Oct 2 17:34:56 208.62.7.125:3578 -> xxx.yyy.1.6:1433 SYN ******S*
Oct 2 17:34:54 208.62.7.125:3579 -> xxx.yyy.1.7:1433 SYN ******S*
Oct 2 17:34:54 208.62.7.125:3580 -> xxx.yyy.1.8:1433 SYN ******S*
Oct 2 17:34:54 208.62.7.125:3581 -> xxx.yyy.1.9:1433 SYN ******S*
Oct 2 17:34:57 208.62.7.125:3583 -> xxx.yyy.1.11:1433 SYN ******S*
[...]
Oct 2 17:46:37 208.62.7.125:2146 -> xxx.yyy.255.214:1433 SYN ******S*
Oct 2 17:46:37 208.62.7.125:2143 -> xxx.yyy.255.211:1433 SYN ******S*
Oct 2 17:46:37 208.62.7.125:2140 -> xxx.yyy.255.208:1433 SYN ******S*
Oct 2 17:46:38 208.62.7.125:2150 -> xxx.yyy.255.218:1433 SYN ******S*
Oct 2 17:46:38 208.62.7.125:2160 -> xxx.yyy.255.228:1433 SYN ******S*
Oct 2 17:46:38 208.62.7.125:2169 -> xxx.yyy.255.237:1433 SYN ******S*
Oct 2 17:46:38 208.62.7.125:2176 -> xxx.yyy.255.244:1433 SYN ******S*
Oct 2 17:46:38 208.62.7.125:2180 -> xxx.yyy.255.248:1433 SYN ******S*
61333
Oct 2 21:23:17 65.86.133.228:2430 -> xxx.yyy.1.1:1433 SYN ******S*
Oct 2 21:23:17 65.86.133.228:2431 -> xxx.yyy.1.2:1433 SYN ******S*
Oct 2 21:23:14 65.86.133.228:2432 -> xxx.yyy.1.3:1433 SYN ******S*
Oct 2 21:23:17 65.86.133.228:2434 -> xxx.yyy.1.4:1433 SYN ******S*
Oct 2 21:23:14 65.86.133.228:2435 -> xxx.yyy.1.5:1433 SYN ******S*
Oct 2 21:23:14 65.86.133.228:2436 -> xxx.yyy.1.6:1433 SYN ******S*
Oct 2 21:23:17 65.86.133.228:2437 -> xxx.yyy.1.7:1433 SYN ******S*
Oct 2 21:23:14 65.86.133.228:2438 -> xxx.yyy.1.8:1433 SYN ******S*
[...]
Oct 2 21:35:34 65.86.133.228:1541 -> xxx.yyy.255.233:1433 SYN ******S*
Oct 2 21:35:34 65.86.133.228:1538 -> xxx.yyy.255.230:1433 SYN ******S*
Oct 2 21:35:34 65.86.133.228:1535 -> xxx.yyy.255.227:1433 SYN ******S*
Oct 2 21:35:34 65.86.133.228:1539 -> xxx.yyy.255.231:1433 SYN ******S*
Oct 2 21:35:34 65.86.133.228:1549 -> xxx.yyy.255.241:1433 SYN ******S*
Oct 2 21:35:34 65.86.133.228:1545 -> xxx.yyy.255.237:1433 SYN ******S*
Oct 2 21:35:34 65.86.133.228:1560 -> xxx.yyy.255.251:1433 SYN ******S*
Oct 2 21:35:34 65.86.133.228:1559 -> xxx.yyy.255.250:1433 SYN ******S*
Oct 2 21:35:34 65.86.133.228:1555 -> xxx.yyy.255.247:1433 SYN ******S*
60483
Oct 2 22:17:03 216.229.142.202:3952 -> xxx.yyy.1.1:4899 SYN ******S*
Oct 2 22:17:03 216.229.142.202:3953 -> xxx.yyy.1.2:4899 SYN ******S*
Oct 2 22:17:03 216.229.142.202:3954 -> xxx.yyy.1.3:4899 SYN ******S*
Oct 2 22:17:05 216.229.142.202:3955 -> xxx.yyy.1.4:4899 SYN ******S*
Oct 2 22:17:05 216.229.142.202:3956 -> xxx.yyy.1.5:4899 SYN ******S*
Oct 2 22:17:05 216.229.142.202:3957 -> xxx.yyy.1.6:4899 SYN ******S*
Oct 2 22:17:02 216.229.142.202:3958 -> xxx.yyy.1.7:4899 SYN ******S*
Oct 2 22:17:05 216.229.142.202:3959 -> xxx.yyy.1.8:4899 SYN ******S*
[...]
Oct 2 22:25:20 216.229.142.202:4327 -> xxx.yyy.255.45:4899 SYN ******S*
Oct 2 22:25:20 216.229.142.202:4248 -> xxx.yyy.255.9:4899 SYN ******S*
Oct 2 22:25:20 216.229.142.202:4253 -> xxx.yyy.255.12:4899 SYN ******S*
Oct 2 22:25:20 216.229.142.202:4249 -> xxx.yyy.255.10:4899 SYN ******S*
Oct 2 22:25:20 216.229.142.202:4312 -> xxx.yyy.255.43:4899 SYN ******S*
Oct 2 22:25:20 216.229.142.202:4256 -> xxx.yyy.255.13:4899 SYN ******S*
Oct 2 22:25:20 216.229.142.202:4284 -> xxx.yyy.255.46:4899 SYN ******S*
Oct 2 22:25:20 216.229.142.202:4335 -> xxx.yyy.255.49:4899 SYN ******S*
Oct 2 22:25:20 216.229.142.202:4324 -> xxx.yyy.255.48:4899 SYN ******S*
52393
Oct 2 00:05:29 219.138.144.8:1688 -> xxx.yyy.128.3:1433 SYN ******S*
Oct 2 00:05:34 219.138.144.8:1689 -> xxx.yyy.128.4:1433 SYN ******S*
Oct 2 00:05:31 219.138.144.8:1692 -> xxx.yyy.128.6:1433 SYN ******S*
Oct 2 00:05:34 219.138.144.8:1693 -> xxx.yyy.128.7:1433 SYN ******S*
Oct 2 00:05:35 219.138.144.8:1695 -> xxx.yyy.128.9:1433 SYN ******S*
Oct 2 00:05:32 219.138.144.8:1698 -> xxx.yyy.128.12:1433 SYN ******S*
Oct 2 00:05:35 219.138.144.8:1702 -> xxx.yyy.128.16:1433 SYN ******S*
Oct 2 00:05:35 219.138.144.8:1703 -> xxx.yyy.128.17:1433 SYN ******S*
[...]
Oct 2 02:00:22 219.138.144.8:54845 -> xxx.yyy.255.239:1433 SYN ******S*
Oct 2 02:00:22 219.138.144.8:54846 -> xxx.yyy.255.240:1433 SYN ******S*
Oct 2 02:00:22 219.138.144.8:54847 -> xxx.yyy.255.241:1433 SYN ******S*
Oct 2 02:00:22 219.138.144.8:54850 -> xxx.yyy.255.243:1433 SYN ******S*
Oct 2 02:00:23 219.138.144.8:54854 -> xxx.yyy.255.246:1433 SYN ******S*
Oct 2 02:00:23 219.138.144.8:54856 -> xxx.yyy.255.247:1433 SYN ******S*
Oct 2 02:00:23 219.138.144.8:54859 -> xxx.yyy.255.249:1433 SYN ******S*
Oct 2 02:00:23 219.138.144.8:54862 -> xxx.yyy.255.252:1433 SYN ******S*
45495
Oct 2 15:27:17 160.79.233.155:4205 -> xxx.yyy.1.1:1433 SYN ******S*
Oct 2 15:27:20 160.79.233.155:4206 -> xxx.yyy.1.2:1433 SYN ******S*
Oct 2 15:27:17 160.79.233.155:4207 -> xxx.yyy.1.3:1433 SYN ******S*
Oct 2 15:27:20 160.79.233.155:4208 -> xxx.yyy.1.4:1433 SYN ******S*
Oct 2 15:27:20 160.79.233.155:4213 -> xxx.yyy.1.9:1433 SYN ******S*
Oct 2 15:27:17 160.79.233.155:4214 -> xxx.yyy.1.10:1433 SYN ******S*
Oct 2 15:27:17 160.79.233.155:4215 -> xxx.yyy.1.11:1433 SYN ******S*
Oct 2 15:27:17 160.79.233.155:4216 -> xxx.yyy.1.12:1433 SYN ******S*
[...]
Oct 2 16:05:23 160.79.233.155:3699 -> xxx.yyy.255.238:1433 SYN ******S*
Oct 2 16:05:23 160.79.233.155:3696 -> xxx.yyy.255.235:1433 SYN ******S*
Oct 2 16:05:23 160.79.233.155:3693 -> xxx.yyy.255.232:1433 SYN ******S*
Oct 2 16:05:23 160.79.233.155:3709 -> xxx.yyy.255.248:1433 SYN ******S*
Oct 2 16:05:23 160.79.233.155:3706 -> xxx.yyy.255.245:1433 SYN ******S*
Oct 2 16:05:23 160.79.233.155:3690 -> xxx.yyy.255.229:1433 SYN ******S*
Oct 2 16:05:23 160.79.233.155:3687 -> xxx.yyy.255.226:1433 SYN ******S*
Oct 2 16:05:23 160.79.233.155:3703 -> xxx.yyy.255.242:1433 SYN ******S*
43831
Oct 2 03:52:05 213.220.231.173:3085 -> xxx.yyy.1.1:4899 SYN ******S*
Oct 2 03:52:05 213.220.231.173:3086 -> xxx.yyy.1.2:4899 SYN ******S*
Oct 2 03:52:05 213.220.231.173:3087 -> xxx.yyy.1.3:4899 SYN ******S*
Oct 2 03:52:04 213.220.231.173:3088 -> xxx.yyy.1.4:4899 SYN ******S*
Oct 2 03:52:04 213.220.231.173:3089 -> xxx.yyy.1.5:4899 SYN ******S*
Oct 2 03:52:04 213.220.231.173:3090 -> xxx.yyy.1.6:4899 SYN ******S*
Oct 2 03:52:04 213.220.231.173:3091 -> xxx.yyy.1.7:4899 SYN ******S*
Oct 2 03:52:04 213.220.231.173:3092 -> xxx.yyy.1.8:4899 SYN ******S*
[...]
Oct 2 03:57:09 213.220.231.173:3646 -> xxx.yyy.255.248:4899 SYN ******S*
Oct 2 03:57:09 213.220.231.173:3647 -> xxx.yyy.255.249:4899 SYN ******S*
Oct 2 03:57:09 213.220.231.173:3648 -> xxx.yyy.255.250:4899 SYN ******S*
Oct 2 03:57:09 213.220.231.173:3649 -> xxx.yyy.255.251:4899 SYN ******S*
Oct 2 03:57:09 213.220.231.173:3650 -> xxx.yyy.255.252:4899 SYN ******S*
Oct 2 03:57:09 213.220.231.173:3651 -> xxx.yyy.255.253:4899 SYN ******S*
Oct 2 03:57:09 213.220.231.173:3652 -> xxx.yyy.255.254:4899 SYN ******S*
Oct 2 03:57:11 213.220.231.173:3235 -> xxx.yyy.254.187:4899 SYN ******S*
Oct 2 03:57:11 213.220.231.173:3236 -> xxx.yyy.254.188:4899 SYN ******S*
42934
Oct 2 03:59:03 220.66.88.17:54982 -> xxx.yyy.1.43:4899 SYN ******S*
Oct 2 03:59:03 220.66.88.17:34482 -> xxx.yyy.1.47:4899 SYN ******S*
Oct 2 03:59:03 220.66.88.17:64450 -> xxx.yyy.1.45:4899 SYN ******S*
Oct 2 03:59:03 220.66.88.17:18537 -> xxx.yyy.1.46:4899 SYN ******S*
Oct 2 03:59:03 220.66.88.17:37466 -> xxx.yyy.1.48:4899 SYN ******S*
Oct 2 03:59:03 220.66.88.17:45067 -> xxx.yyy.1.51:4899 SYN ******S*
Oct 2 03:59:03 220.66.88.17:55576 -> xxx.yyy.1.54:4899 SYN ******S*
Oct 2 03:59:03 220.66.88.17:41928 -> xxx.yyy.1.50:4899 SYN ******S*
[...]
Oct 2 04:02:50 220.66.88.17:31415 -> xxx.yyy.253.67:4899 SYN ******S*
Oct 2 04:02:50 220.66.88.17:36863 -> xxx.yyy.253.35:4899 SYN ******S*
Oct 2 04:02:50 220.66.88.17:10081 -> xxx.yyy.253.46:4899 SYN ******S*
Oct 2 04:02:50 220.66.88.17:56573 -> xxx.yyy.253.37:4899 SYN ******S*
Oct 2 04:02:50 220.66.88.17:43026 -> xxx.yyy.253.52:4899 SYN ******S*
Oct 2 04:02:50 220.66.88.17:12521 -> xxx.yyy.253.51:4899 SYN ******S*
Oct 2 04:02:50 220.66.88.17:33108 -> xxx.yyy.253.54:4899 SYN ******S*
Oct 2 04:02:50 220.66.88.17:39484 -> xxx.yyy.253.60:4899 SYN ******S*
Oct 2 04:02:50 220.66.88.17:35460 -> xxx.yyy.253.70:4899 SYN ******S*
41535
Oct 2 12:28:40 144.96.14.164:3639 -> xxx.yyy.1.1:1433 SYN ******S*
Oct 2 12:28:43 144.96.14.164:3640 -> xxx.yyy.1.2:1433 SYN ******S*
Oct 2 12:28:40 144.96.14.164:3641 -> xxx.yyy.1.3:1433 SYN ******S*
Oct 2 12:28:40 144.96.14.164:3642 -> xxx.yyy.1.4:1433 SYN ******S*
Oct 2 12:28:40 144.96.14.164:3644 -> xxx.yyy.1.6:1433 SYN ******S*
Oct 2 12:28:43 144.96.14.164:3643 -> xxx.yyy.1.5:1433 SYN ******S*
Oct 2 12:28:40 144.96.14.164:3645 -> xxx.yyy.1.7:1433 SYN ******S*
Oct 2 12:28:43 144.96.14.164:3646 -> xxx.yyy.1.8:1433 SYN ******S*
[...]
Oct 2 12:44:21 144.96.14.164:1634 -> xxx.yyy.255.222:1433 SYN ******S*
Oct 2 12:44:21 144.96.14.164:1663 -> xxx.yyy.255.251:1433 SYN ******S*
Oct 2 12:44:21 144.96.14.164:1598 -> xxx.yyy.255.187:1433 SYN ******S*
Oct 2 12:44:21 144.96.14.164:1647 -> xxx.yyy.255.235:1433 SYN ******S*
Oct 2 12:44:21 144.96.14.164:1615 -> xxx.yyy.255.203:1433 SYN ******S*
Oct 2 12:44:21 144.96.14.164:1595 -> xxx.yyy.255.184:1433 SYN ******S*
Oct 2 12:44:21 144.96.14.164:1657 -> xxx.yyy.255.245:1433 SYN ******S*
Oct 2 12:44:21 144.96.14.164:1589 -> xxx.yyy.255.178:1433 SYN ******S*
Oct 2 12:44:21 144.96.14.164:1625 -> xxx.yyy.255.213:1433 SYN ******S*
40611
Oct 2 13:49:31 206.207.108.180:2798 -> xxx.yyy.1.3:1433 SYN ******S*
Oct 2 13:49:31 206.207.108.180:2799 -> xxx.yyy.1.4:1433 SYN ******S*
Oct 2 13:49:31 206.207.108.180:2801 -> xxx.yyy.1.6:1433 SYN ******S*
Oct 2 13:49:31 206.207.108.180:2802 -> xxx.yyy.1.7:1433 SYN ******S*
Oct 2 13:49:31 206.207.108.180:2803 -> xxx.yyy.1.8:1433 SYN ******S*
Oct 2 13:49:31 206.207.108.180:2804 -> xxx.yyy.1.9:1433 SYN ******S*
Oct 2 13:49:31 206.207.108.180:2805 -> xxx.yyy.1.10:1433 SYN ******S*
Oct 2 13:49:31 206.207.108.180:2806 -> xxx.yyy.1.11:1433 SYN ******S*
[...]
Oct 2 13:54:38 206.207.108.180:1264 -> xxx.yyy.255.246:1433 SYN ******S*
Oct 2 13:54:38 206.207.108.180:1265 -> xxx.yyy.255.247:1433 SYN ******S*
Oct 2 13:54:38 206.207.108.180:1266 -> xxx.yyy.255.248:1433 SYN ******S*
Oct 2 13:54:38 206.207.108.180:1267 -> xxx.yyy.255.249:1433 SYN ******S*
Oct 2 13:54:38 206.207.108.180:1268 -> xxx.yyy.255.250:1433 SYN ******S*
Oct 2 13:54:38 206.207.108.180:1269 -> xxx.yyy.255.251:1433 SYN ******S*
Oct 2 13:54:38 206.207.108.180:1270 -> xxx.yyy.255.252:1433 SYN ******S*
Oct 2 13:54:38 206.207.108.180:1271 -> xxx.yyy.255.253:1433 SYN ******S*
Oct 2 13:54:39 206.207.108.180:1272 -> xxx.yyy.255.254:1433 SYN ******S*
35811
Oct 2 04:44:17 193.16.111.6:3490 -> xxx.yyy.1.1:4000 SYN ******S*
Oct 2 04:44:18 193.16.111.6:3491 -> xxx.yyy.1.2:4000 SYN ******S*
Oct 2 04:44:20 193.16.111.6:3493 -> xxx.yyy.1.4:4000 SYN ******S*
Oct 2 04:44:20 193.16.111.6:3494 -> xxx.yyy.1.5:4000 SYN ******S*
Oct 2 04:44:20 193.16.111.6:3495 -> xxx.yyy.1.6:4000 SYN ******S*
Oct 2 04:44:20 193.16.111.6:3496 -> xxx.yyy.1.7:4000 SYN ******S*
Oct 2 04:44:20 193.16.111.6:3497 -> xxx.yyy.1.8:4000 SYN ******S*
Oct 2 04:44:20 193.16.111.6:3498 -> xxx.yyy.1.9:4000 SYN ******S*
[...]
Oct 2 04:55:25 193.16.111.6:3463 -> xxx.yyy.243.200:4000 SYN ******S*
Oct 2 04:55:25 193.16.111.6:3459 -> xxx.yyy.243.196:4000 SYN ******S*
Oct 2 04:55:25 193.16.111.6:3460 -> xxx.yyy.243.197:4000 SYN ******S*
Oct 2 04:55:25 193.16.111.6:3472 -> xxx.yyy.243.209:4000 SYN ******S*
Oct 2 04:55:25 193.16.111.6:3470 -> xxx.yyy.243.207:4000 SYN ******S*
Oct 2 04:55:25 193.16.111.6:3469 -> xxx.yyy.243.206:4000 SYN ******S*
Oct 2 04:55:25 193.16.111.6:3467 -> xxx.yyy.243.204:4000 SYN ******S*
Oct 2 04:55:26 193.16.111.6:3536 -> xxx.yyy.244.17:4000 SYN ******S*
31927
Oct 2 04:45:35 193.16.111.10:3342 -> xxx.yyy.29.1:4000 SYN ******S*
Oct 2 04:45:34 193.16.111.10:3343 -> xxx.yyy.29.2:4000 SYN ******S*
Oct 2 04:45:34 193.16.111.10:3344 -> xxx.yyy.29.3:4000 SYN ******S*
Oct 2 04:45:34 193.16.111.10:3345 -> xxx.yyy.29.4:4000 SYN ******S*
Oct 2 04:45:34 193.16.111.10:3346 -> xxx.yyy.29.5:4000 SYN ******S*
Oct 2 04:45:37 193.16.111.10:3347 -> xxx.yyy.29.6:4000 SYN ******S*
Oct 2 04:45:37 193.16.111.10:3348 -> xxx.yyy.29.7:4000 SYN ******S*
Oct 2 04:45:34 193.16.111.10:3349 -> xxx.yyy.29.8:4000 SYN ******S*
[...]
Oct 2 04:55:58 193.16.111.10:2880 -> xxx.yyy.255.209:4000 SYN ******S*
Oct 2 04:55:58 193.16.111.10:2881 -> xxx.yyy.255.210:4000 SYN ******S*
Oct 2 04:55:58 193.16.111.10:2877 -> xxx.yyy.255.206:4000 SYN ******S*
Oct 2 04:55:58 193.16.111.10:2878 -> xxx.yyy.255.207:4000 SYN ******S*
Oct 2 04:55:58 193.16.111.10:2891 -> xxx.yyy.255.220:4000 SYN ******S*
Oct 2 04:55:58 193.16.111.10:2886 -> xxx.yyy.255.215:4000 SYN ******S*
Oct 2 04:55:58 193.16.111.10:2893 -> xxx.yyy.255.222:4000 SYN ******S*
Oct 2 04:55:58 193.16.111.10:2888 -> xxx.yyy.255.217:4000 SYN ******S*
Oct 2 04:55:58 193.16.111.10:2892 -> xxx.yyy.255.221:4000 SYN ******S*
31239
Oct 2 16:56:37 213.180.210.35:59868 -> xxx.yyy.1.40:1080 SYN ******S*
Oct 2 16:56:37 213.180.210.35:47306 -> xxx.yyy.1.40:1075 SYN ******S*
Oct 2 16:56:37 213.180.210.35:63321 -> xxx.yyy.1.40:80 SYN ******S*
Oct 2 16:56:37 213.180.210.35:37619 -> xxx.yyy.1.40:81 SYN ******S*
Oct 2 16:56:37 213.180.210.35:34119 -> xxx.yyy.1.40:3128 SYN ******S*
Oct 2 16:56:37 213.180.210.35:48185 -> xxx.yyy.1.40:4480 SYN ******S*
Oct 2 16:56:37 213.180.210.35:59740 -> xxx.yyy.1.40:6588 SYN ******S*
Oct 2 16:56:37 213.180.210.35:63047 -> xxx.yyy.1.40:8105 SYN ******S*
[...]
Oct 2 20:13:24 213.180.210.35:58742 -> xxx.yyy.1.40:25 SYN ******S*
Oct 2 20:13:24 213.180.210.35:50963 -> xxx.yyy.1.40:37 SYN ******S*
Oct 2 20:13:24 213.180.210.35:39485 -> xxx.yyy.1.40:79 SYN ******S*
Oct 2 20:13:24 213.180.210.35:56363 -> xxx.yyy.1.40:443 SYN ******S*
Oct 2 20:13:24 213.180.210.35:36134 -> xxx.yyy.1.40:465 SYN ******S*
Oct 2 20:13:24 213.180.210.35:53574 -> xxx.yyy.1.40:599 SYN ******S*
Oct 2 20:13:24 213.180.210.35:44072 -> xxx.yyy.1.40:993 SYN ******S*
Oct 2 20:13:24 213.180.210.35:59350 -> xxx.yyy.1.40:995 SYN ******S*
Oct 2 20:13:24 213.180.210.35:30772 -> xxx.yyy.1.40:7633 SYN ******S*
30642
Oct 2 01:41:02 203.75.206.162:4925 -> xxx.yyy.1.11:1433 SYN ******S*
Oct 2 01:41:02 203.75.206.162:4941 -> xxx.yyy.1.27:1433 SYN ******S*
Oct 2 01:41:02 203.75.206.162:4957 -> xxx.yyy.1.43:1433 SYN ******S*
Oct 2 01:41:02 203.75.206.162:4962 -> xxx.yyy.1.48:1433 SYN ******S*
Oct 2 01:41:05 203.75.206.162:4964 -> xxx.yyy.1.50:1433 SYN ******S*
Oct 2 01:41:02 203.75.206.162:4965 -> xxx.yyy.1.51:1433 SYN ******S*
Oct 2 01:41:02 203.75.206.162:4973 -> xxx.yyy.1.59:1433 SYN ******S*
Oct 2 01:41:02 203.75.206.162:4979 -> xxx.yyy.1.66:1433 SYN ******S*
[...]
Oct 2 01:49:38 203.75.206.162:2115 -> xxx.yyy.255.223:1433 SYN ******S*
Oct 2 01:49:38 203.75.206.162:2126 -> xxx.yyy.255.234:1433 SYN ******S*
Oct 2 01:49:38 203.75.206.162:2111 -> xxx.yyy.255.220:1433 SYN ******S*
Oct 2 01:49:38 203.75.206.162:2094 -> xxx.yyy.255.202:1433 SYN ******S*
Oct 2 01:49:38 203.75.206.162:2107 -> xxx.yyy.255.215:1433 SYN ******S*
Oct 2 01:49:38 203.75.206.162:2139 -> xxx.yyy.255.247:1433 SYN ******S*
Oct 2 01:49:38 203.75.206.162:2091 -> xxx.yyy.255.199:1433 SYN ******S*
Oct 2 01:49:38 203.75.206.162:2123 -> xxx.yyy.255.231:1433 SYN ******S*
23632
Oct 2 08:07:30 81.208.74.183:1945 -> xxx.yyy.183.137:1433 SYN ******S*
Oct 2 08:07:27 81.208.74.183:1946 -> xxx.yyy.183.138:1433 SYN ******S*
Oct 2 08:07:27 81.208.74.183:1999 -> xxx.yyy.183.139:1433 SYN ******S*
Oct 2 08:07:27 81.208.74.183:2016 -> xxx.yyy.183.140:1433 SYN ******S*
Oct 2 08:07:27 81.208.74.183:2024 -> xxx.yyy.183.141:1433 SYN ******S*
Oct 2 08:07:27 81.208.74.183:2034 -> xxx.yyy.183.142:1433 SYN ******S*
Oct 2 08:07:30 81.208.74.183:2042 -> xxx.yyy.183.143:1433 SYN ******S*
Oct 2 08:07:30 81.208.74.183:2049 -> xxx.yyy.183.144:1433 SYN ******S*
[...]
Oct 2 09:18:45 81.208.74.183:54206 -> xxx.yyy.255.244:1433 SYN ******S*
Oct 2 09:18:45 81.208.74.183:54218 -> xxx.yyy.255.246:1433 SYN ******S*
Oct 2 09:18:45 81.208.74.183:54200 -> xxx.yyy.255.242:1433 SYN ******S*
Oct 2 09:18:45 81.208.74.183:54285 -> xxx.yyy.255.249:1433 SYN ******S*
Oct 2 09:18:45 81.208.74.183:54281 -> xxx.yyy.255.248:1433 SYN ******S*
Oct 2 09:18:45 81.208.74.183:54368 -> xxx.yyy.255.252:1433 SYN ******S*
Oct 2 09:18:45 81.208.74.183:54288 -> xxx.yyy.255.250:1433 SYN ******S*
Oct 2 09:18:45 81.208.74.183:54366 -> xxx.yyy.255.251:1433 SYN ******S*
20075
[...]
18249
[...]
17210
Oct 2 10:09:22 81.10.175.132:3612 -> xxx.yyy.1.0:1433 SYN ******S*
Oct 2 10:09:22 81.10.175.132:3785 -> xxx.yyy.1.1:1433 SYN ******S*
Oct 2 10:09:22 81.10.175.132:3793 -> xxx.yyy.1.2:1433 SYN ******S*
Oct 2 10:09:23 81.10.175.132:3854 -> xxx.yyy.1.3:1433 SYN ******S*
Oct 2 10:09:23 81.10.175.132:3920 -> xxx.yyy.1.4:1433 SYN ******S*
Oct 2 10:09:23 81.10.175.132:4019 -> xxx.yyy.1.6:1433 SYN ******S*
Oct 2 10:09:21 81.10.175.132:4250 -> xxx.yyy.1.9:1433 SYN ******S*
Oct 2 10:09:21 81.10.175.132:4252 -> xxx.yyy.1.10:1433 SYN ******S*
[...]
Oct 2 11:12:02 81.10.175.132:1324 -> xxx.yyy.138.11:1433 SYN ******S*
Oct 2 11:12:03 81.10.175.132:1330 -> xxx.yyy.138.12:1433 SYN ******S*
Oct 2 11:12:03 81.10.175.132:1360 -> xxx.yyy.138.13:1433 SYN ******S*
Oct 2 11:12:03 81.10.175.132:1155 -> xxx.yyy.138.2:1433 SYN ******S*
Oct 2 11:12:03 81.10.175.132:1546 -> xxx.yyy.138.3:1433 SYN ******S*
Oct 2 11:12:03 81.10.175.132:2685 -> xxx.yyy.138.4:1433 SYN ******S*
Oct 2 11:12:03 81.10.175.132:1392 -> xxx.yyy.138.14:1433 SYN ******S*
Oct 2 11:12:03 81.10.175.132:2842 -> xxx.yyy.138.5:1433 SYN ******S*
Oct 2 11:12:03 81.10.175.132:1393 -> xxx.yyy.138.15:1433 SYN ******S*
16696
Oct 2 23:54:42 211.72.140.30:3764 -> xxx.yyy.1.1:8000 SYN ******S*
Oct 2 23:54:42 211.72.140.30:3765 -> xxx.yyy.1.2:8000 SYN ******S*
Oct 2 23:54:42 211.72.140.30:3766 -> xxx.yyy.1.3:8000 SYN ******S*
Oct 2 23:54:43 211.72.140.30:3767 -> xxx.yyy.1.4:8000 SYN ******S*
Oct 2 23:54:43 211.72.140.30:3768 -> xxx.yyy.1.5:8000 SYN ******S*
Oct 2 23:54:43 211.72.140.30:3769 -> xxx.yyy.1.6:8000 SYN ******S*
Oct 2 23:54:43 211.72.140.30:3770 -> xxx.yyy.1.7:8000 SYN ******S*
Oct 2 23:54:43 211.72.140.30:3771 -> xxx.yyy.1.8:8000 SYN ******S*
[...]
Oct 2 23:59:29 211.72.140.30:4317 -> xxx.yyy.111.238:8000 SYN ******S*
Oct 2 23:59:29 211.72.140.30:4326 -> xxx.yyy.111.247:8000 SYN ******S*
Oct 2 23:59:29 211.72.140.30:4333 -> xxx.yyy.111.254:8000 SYN ******S*
Oct 2 23:59:29 211.72.140.30:4329 -> xxx.yyy.111.250:8000 SYN ******S*
Oct 2 23:59:29 211.72.140.30:4332 -> xxx.yyy.111.253:8000 SYN ******S*
Oct 2 23:59:29 211.72.140.30:4327 -> xxx.yyy.111.248:8000 SYN ******S*
Oct 2 23:59:29 211.72.140.30:4334 -> xxx.yyy.111.255:8000 SYN ******S*
Oct 2 23:59:29 211.72.140.30:4330 -> xxx.yyy.111.251:8000 SYN ******S*
Oct 2 23:59:29 211.72.140.30:4331 -> xxx.yyy.111.252:8000 SYN ******S*
15082
Oct 2 07:56:18 222.121.221.13:3669 -> xxx.yyy.153.137:5554 SYN ******S*
Oct 2 07:56:19 222.121.221.13:4902 -> xxx.yyy.153.137:1023 SYN ******S*
Oct 2 07:56:21 222.121.221.13:2291 -> xxx.yyy.153.137:9898 SYN ******S*
Oct 2 07:56:18 222.121.221.13:3671 -> xxx.yyy.153.139:5554 SYN ******S*
Oct 2 07:56:19 222.121.221.13:4987 -> xxx.yyy.153.139:1023 SYN ******S*
Oct 2 07:56:21 222.121.221.13:2382 -> xxx.yyy.153.139:9898 SYN ******S*
Oct 2 07:56:18 222.121.221.13:3672 -> xxx.yyy.153.140:5554 SYN ******S*
Oct 2 07:56:19 222.121.221.13:4990 -> xxx.yyy.153.140:1023 SYN ******S*
[...]
Oct 2 07:57:03 222.121.221.13:3915 -> xxx.yyy.173.252:9898 SYN ******S*
Oct 2 07:57:03 222.121.221.13:3940 -> xxx.yyy.174.0:9898 SYN ******S*
Oct 2 07:57:03 222.121.221.13:3909 -> xxx.yyy.173.244:9898 SYN ******S*
Oct 2 07:57:03 222.121.221.13:3916 -> xxx.yyy.173.253:9898 SYN ******S*
Oct 2 07:57:03 222.121.221.13:3913 -> xxx.yyy.173.250:9898 SYN ******S*
Oct 2 07:57:03 222.121.221.13:3918 -> xxx.yyy.173.254:9898 SYN ******S*
Oct 2 07:57:03 222.121.221.13:3910 -> xxx.yyy.173.249:9898 SYN ******S*
Oct 2 07:57:03 222.121.221.13:3939 -> xxx.yyy.174.1:9898 SYN ******S*
14474
Oct 2 10:15:32 220.87.59.120:2471 -> xxx.yyy.133.15:5554 SYN ******S*
Oct 2 10:15:33 220.87.59.120:2903 -> xxx.yyy.133.15:1023 SYN ******S*
Oct 2 10:15:35 220.87.59.120:3848 -> xxx.yyy.133.15:9898 SYN ******S*
Oct 2 10:15:32 220.87.59.120:2473 -> xxx.yyy.133.17:5554 SYN ******S*
Oct 2 10:15:33 220.87.59.120:2905 -> xxx.yyy.133.17:1023 SYN ******S*
Oct 2 10:15:35 220.87.59.120:3854 -> xxx.yyy.133.17:9898 SYN ******S*
Oct 2 10:15:32 220.87.59.120:2475 -> xxx.yyy.133.19:5554 SYN ******S*
Oct 2 10:15:33 220.87.59.120:2908 -> xxx.yyy.133.19:1023 SYN ******S*
[...]
Oct 2 10:16:18 220.87.59.120:2939 -> xxx.yyy.152.255:9898 SYN ******S*
Oct 2 10:16:18 220.87.59.120:2944 -> xxx.yyy.153.16:9898 SYN ******S*
Oct 2 10:16:18 220.87.59.120:2977 -> xxx.yyy.153.24:9898 SYN ******S*
Oct 2 10:16:18 220.87.59.120:3064 -> xxx.yyy.153.35:9898 SYN ******S*
Oct 2 10:16:18 220.87.59.120:3129 -> xxx.yyy.153.66:9898 SYN ******S*
Oct 2 10:16:18 220.87.59.120:3193 -> xxx.yyy.153.106:9898 SYN ******S*
Oct 2 10:16:18 220.87.59.120:3189 -> xxx.yyy.153.102:9898 SYN ******S*
Oct 2 10:16:18 220.87.59.120:3207 -> xxx.yyy.153.110:9898 SYN ******S*
Oct 2 10:16:18 220.87.59.120:3208 -> xxx.yyy.153.111:9898 SYN ******S*
14184
Oct 2 23:46:25 220.88.125.90:4196 -> xxx.yyy.174.4:5554 SYN ******S*
Oct 2 23:46:25 220.88.125.90:4197 -> xxx.yyy.174.9:5554 SYN ******S*
Oct 2 23:46:26 220.88.125.90:1057 -> xxx.yyy.174.9:1023 SYN ******S*
Oct 2 23:46:25 220.88.125.90:4201 -> xxx.yyy.174.6:5554 SYN ******S*
Oct 2 23:46:26 220.88.125.90:1061 -> xxx.yyy.174.6:1023 SYN ******S*
Oct 2 23:46:25 220.88.125.90:4206 -> xxx.yyy.174.103:5554 SYN ******S*
Oct 2 23:46:26 220.88.125.90:1067 -> xxx.yyy.174.103:1023 SYN ******S*
Oct 2 23:46:25 220.88.125.90:4195 -> xxx.yyy.174.2:5554 SYN ******S*
[...]
Oct 2 23:47:31 220.88.125.90:4105 -> xxx.yyy.174.47:9898 SYN ******S*
Oct 2 23:47:31 220.88.125.90:4106 -> xxx.yyy.174.48:9898 SYN ******S*
Oct 2 23:47:31 220.88.125.90:4107 -> xxx.yyy.174.46:9898 SYN ******S*
Oct 2 23:47:31 220.88.125.90:4553 -> xxx.yyy.174.59:9898 SYN ******S*
Oct 2 23:47:31 220.88.125.90:4702 -> xxx.yyy.174.91:9898 SYN ******S*
Oct 2 23:47:31 220.88.125.90:4703 -> xxx.yyy.174.85:9898 SYN ******S*
Oct 2 23:47:32 220.88.125.90:4727 -> xxx.yyy.174.69:9898 SYN ******S*
Oct 2 23:47:32 220.88.125.90:4729 -> xxx.yyy.174.75:9898 SYN ******S*
Oct 2 23:47:32 220.88.125.90:4735 -> xxx.yyy.174.88:9898 SYN ******S*
12461
[...]
11713
--
- Ken
===========================================================================
Ken Connelly (KC152) Systems and Operations Manager, ITS - Network Services
University of Northern Iowa Cedar Falls, IA 50614-0121
email: Ken.Connelly at uni.edu phone: (319) 273-5850 fax: (319) 273-7373
More information about the Intrusions
mailing list