[Intrusions] [LOGS] Summary of large-scale portscanning detects
Ken.Connelly at uni.edu
Ken.Connelly at uni.edu
Mon Oct 4 13:35:44 GMT 2004
The following extracts show the beginning and ending of scan activity
was detected on my network. The number following each set is the total
number of probes for that source. Timestamps are GMT-0500.
Oct 3 15:31:43 216.89.223.3:2895 -> xxx.yyy.1.1:4000 SYN ******S*
Oct 3 15:31:42 216.89.223.3:2901 -> xxx.yyy.1.4:4000 SYN ******S*
Oct 3 15:31:45 216.89.223.3:2903 -> xxx.yyy.1.5:4000 SYN ******S*
Oct 3 15:31:42 216.89.223.3:2905 -> xxx.yyy.1.6:4000 SYN ******S*
Oct 3 15:31:42 216.89.223.3:2907 -> xxx.yyy.1.7:4000 SYN ******S*
Oct 3 15:31:42 216.89.223.3:2909 -> xxx.yyy.1.8:4000 SYN ******S*
Oct 3 15:31:43 216.89.223.3:2915 -> xxx.yyy.1.11:4000 SYN ******S*
Oct 3 15:31:45 216.89.223.3:2917 -> xxx.yyy.1.12:4000 SYN ******S*
[...]
Oct 3 15:47:50 216.89.223.3:4148 -> xxx.yyy.255.234:4000 SYN ******S*
Oct 3 15:47:50 216.89.223.3:4166 -> xxx.yyy.255.243:4000 SYN ******S*
Oct 3 15:47:50 216.89.223.3:4158 -> xxx.yyy.255.239:4000 SYN ******S*
Oct 3 15:47:50 216.89.223.3:4160 -> xxx.yyy.255.240:4000 SYN ******S*
Oct 3 15:47:50 216.89.223.3:4168 -> xxx.yyy.255.244:4000 SYN ******S*
Oct 3 15:47:50 216.89.223.3:4170 -> xxx.yyy.255.245:4000 SYN ******S*
Oct 3 15:47:50 216.89.223.3:4154 -> xxx.yyy.255.237:4000 SYN ******S*
Oct 3 15:47:50 216.89.223.3:4162 -> xxx.yyy.255.241:4000 SYN ******S*
82258
Oct 3 07:05:49 221.0.188.2:2673 -> xxx.yyy.1.1:2277 SYN ******S*
Oct 3 07:05:49 221.0.188.2:2674 -> xxx.yyy.1.2:2277 SYN ******S*
Oct 3 07:05:49 221.0.188.2:2675 -> xxx.yyy.1.3:2277 SYN ******S*
Oct 3 07:05:49 221.0.188.2:2676 -> xxx.yyy.1.4:2277 SYN ******S*
Oct 3 07:05:49 221.0.188.2:2677 -> xxx.yyy.1.5:2277 SYN ******S*
Oct 3 07:05:49 221.0.188.2:2678 -> xxx.yyy.1.6:2277 SYN ******S*
Oct 3 07:05:49 221.0.188.2:2679 -> xxx.yyy.1.7:2277 SYN ******S*
Oct 3 07:05:49 221.0.188.2:2680 -> xxx.yyy.1.8:2277 SYN ******S*
[...]
Oct 3 07:17:28 221.0.188.2:4317 -> xxx.yyy.255.243:2277 SYN ******S*
Oct 3 07:17:28 221.0.188.2:4320 -> xxx.yyy.255.246:2277 SYN ******S*
Oct 3 07:17:28 221.0.188.2:4322 -> xxx.yyy.255.248:2277 SYN ******S*
Oct 3 07:17:28 221.0.188.2:4319 -> xxx.yyy.255.245:2277 SYN ******S*
Oct 3 07:17:28 221.0.188.2:4327 -> xxx.yyy.255.253:2277 SYN ******S*
Oct 3 07:17:28 221.0.188.2:4324 -> xxx.yyy.255.250:2277 SYN ******S*
Oct 3 07:17:28 221.0.188.2:4325 -> xxx.yyy.255.251:2277 SYN ******S*
Oct 3 07:17:28 221.0.188.2:4328 -> xxx.yyy.255.254:2277 SYN ******S*
Oct 3 07:17:28 221.0.188.2:4326 -> xxx.yyy.255.252:2277 SYN ******S*
70223
Oct 3 16:44:20 142.237.133.31:4443 -> xxx.yyy.1.0:1433 SYN ******S*
Oct 3 16:44:20 142.237.133.31:4445 -> xxx.yyy.1.1:1433 SYN ******S*
Oct 3 16:44:23 142.237.133.31:4448 -> xxx.yyy.1.3:1433 SYN ******S*
Oct 3 16:44:23 142.237.133.31:4452 -> xxx.yyy.1.4:1433 SYN ******S*
Oct 3 16:44:23 142.237.133.31:4455 -> xxx.yyy.1.5:1433 SYN ******S*
Oct 3 16:44:23 142.237.133.31:4458 -> xxx.yyy.1.6:1433 SYN ******S*
Oct 3 16:44:23 142.237.133.31:4466 -> xxx.yyy.1.7:1433 SYN ******S*
Oct 3 16:44:23 142.237.133.31:4469 -> xxx.yyy.1.8:1433 SYN ******S*
[...]
Oct 3 19:37:02 142.237.133.31:3055 -> xxx.yyy.193.135:1433 SYN ******S*
Oct 3 19:37:02 142.237.133.31:3061 -> xxx.yyy.193.137:1433 SYN ******S*
Oct 3 19:37:02 142.237.133.31:3148 -> xxx.yyy.193.162:1433 SYN ******S*
Oct 3 19:37:02 142.237.133.31:3063 -> xxx.yyy.193.138:1433 SYN ******S*
Oct 3 19:37:02 142.237.133.31:4661 -> xxx.yyy.193.98:1433 SYN ******S*
Oct 3 19:37:02 142.237.133.31:3156 -> xxx.yyy.193.163:1433 SYN ******S*
Oct 3 19:37:02 142.237.133.31:4662 -> xxx.yyy.193.99:1433 SYN ******S*
Oct 3 19:37:02 142.237.133.31:3158 -> xxx.yyy.193.164:1433 SYN ******S*
53424
Oct 3 00:00:09 211.72.140.30:4453 -> xxx.yyy.128.1:8000 SYN ******S*
Oct 3 00:00:10 211.72.140.30:4454 -> xxx.yyy.128.2:8000 SYN ******S*
Oct 3 00:00:10 211.72.140.30:4455 -> xxx.yyy.128.3:8000 SYN ******S*
Oct 3 00:00:10 211.72.140.30:4456 -> xxx.yyy.128.4:8000 SYN ******S*
Oct 3 00:00:10 211.72.140.30:4457 -> xxx.yyy.128.5:8000 SYN ******S*
Oct 3 00:00:10 211.72.140.30:4458 -> xxx.yyy.128.6:8000 SYN ******S*
Oct 3 00:00:10 211.72.140.30:4459 -> xxx.yyy.128.7:8000 SYN ******S*
Oct 3 00:00:10 211.72.140.30:4460 -> xxx.yyy.128.8:8000 SYN ******S*
[...]
Oct 3 00:05:39 211.72.140.30:1422 -> xxx.yyy.255.242:8000 SYN ******S*
Oct 3 00:05:39 211.72.140.30:1426 -> xxx.yyy.255.246:8000 SYN ******S*
Oct 3 00:05:39 211.72.140.30:1420 -> xxx.yyy.255.240:8000 SYN ******S*
Oct 3 00:05:39 211.72.140.30:1430 -> xxx.yyy.255.250:8000 SYN ******S*
Oct 3 00:05:39 211.72.140.30:1435 -> xxx.yyy.255.254:8000 SYN ******S*
Oct 3 00:05:39 211.72.140.30:1431 -> xxx.yyy.255.251:8000 SYN ******S*
Oct 3 00:05:39 211.72.140.30:1429 -> xxx.yyy.255.249:8000 SYN ******S*
Oct 3 00:05:39 211.72.140.30:1434 -> xxx.yyy.255.253:8000 SYN ******S*
Oct 3 00:05:39 211.72.140.30:1432 -> xxx.yyy.255.252:8000 SYN ******S*
47527
Oct 3 10:42:56 216.174.213.6:4388 -> xxx.yyy.1.1:8000 SYN ******S*
Oct 3 10:42:56 216.174.213.6:4390 -> xxx.yyy.1.3:8000 SYN ******S*
Oct 3 10:42:55 216.174.213.6:4391 -> xxx.yyy.1.4:8000 SYN ******S*
Oct 3 10:42:55 216.174.213.6:4392 -> xxx.yyy.1.5:8000 SYN ******S*
Oct 3 10:42:58 216.174.213.6:4393 -> xxx.yyy.1.6:8000 SYN ******S*
Oct 3 10:42:55 216.174.213.6:4394 -> xxx.yyy.1.7:8000 SYN ******S*
Oct 3 10:42:55 216.174.213.6:4395 -> xxx.yyy.1.8:8000 SYN ******S*
Oct 3 10:42:58 216.174.213.6:4396 -> xxx.yyy.1.9:8000 SYN ******S*
[...]
Oct 3 11:22:08 216.174.213.6:4734 -> xxx.yyy.255.215:8000 SYN ******S*
Oct 3 11:22:08 216.174.213.6:4750 -> xxx.yyy.255.231:8000 SYN ******S*
Oct 3 11:22:08 216.174.213.6:4766 -> xxx.yyy.255.247:8000 SYN ******S*
Oct 3 11:22:08 216.174.213.6:4747 -> xxx.yyy.255.228:8000 SYN ******S*
Oct 3 11:22:08 216.174.213.6:4763 -> xxx.yyy.255.244:8000 SYN ******S*
Oct 3 11:22:08 216.174.213.6:4735 -> xxx.yyy.255.216:8000 SYN ******S*
Oct 3 11:22:08 216.174.213.6:4751 -> xxx.yyy.255.232:8000 SYN ******S*
Oct 3 11:22:08 216.174.213.6:4761 -> xxx.yyy.255.242:8000 SYN ******S*
Oct 3 11:22:08 216.174.213.6:4765 -> xxx.yyy.255.246:8000 SYN ******S*
47502
Oct 3 06:35:45 219.120.65.108:3707 -> xxx.yyy.1.4:80 SYN ******S*
Oct 3 06:35:44 219.120.65.108:3709 -> xxx.yyy.1.6:80 SYN ******S*
Oct 3 06:35:44 219.120.65.108:3708 -> xxx.yyy.1.5:80 SYN ******S*
Oct 3 06:35:43 219.120.65.108:3703 -> xxx.yyy.1.0:80 SYN ******S*
Oct 3 06:35:44 219.120.65.108:3712 -> xxx.yyy.1.9:80 SYN ******S*
Oct 3 06:35:44 219.120.65.108:3713 -> xxx.yyy.1.10:80 SYN ******S*
Oct 3 06:35:43 219.120.65.108:3704 -> xxx.yyy.1.1:80 SYN ******S*
Oct 3 06:35:43 219.120.65.108:3705 -> xxx.yyy.1.2:80 SYN ******S*
[...]
Oct 3 07:18:55 219.120.65.108:1416 -> xxx.yyy.254.237:80 SYN ******S*
Oct 3 07:18:55 219.120.65.108:1417 -> xxx.yyy.254.238:80 SYN ******S*
Oct 3 07:18:55 219.120.65.108:1420 -> xxx.yyy.254.241:80 SYN ******S*
Oct 3 07:18:55 219.120.65.108:1418 -> xxx.yyy.254.239:80 SYN ******S*
Oct 3 07:19:02 219.120.65.108:1551 -> xxx.yyy.224.83:80 SYN ******S*
Oct 3 07:19:06 219.120.65.108:1599 -> xxx.yyy.224.83:80 SYN ******S*
Oct 3 07:19:09 219.120.65.108:1644 -> xxx.yyy.224.83:80 SYN ******S*
Oct 3 07:19:11 219.120.65.108:1665 -> xxx.yyy.224.83:80 SYN ******S*
47231
Oct 3 11:33:49 216.229.142.202:2556 -> xxx.yyy.1.1:4899 SYN ******S*
Oct 3 11:33:49 216.229.142.202:2559 -> xxx.yyy.1.2:4899 SYN ******S*
Oct 3 11:33:48 216.229.142.202:2562 -> xxx.yyy.1.3:4899 SYN ******S*
Oct 3 11:33:51 216.229.142.202:2564 -> xxx.yyy.1.4:4899 SYN ******S*
Oct 3 11:33:48 216.229.142.202:2565 -> xxx.yyy.1.5:4899 SYN ******S*
Oct 3 11:33:48 216.229.142.202:2568 -> xxx.yyy.1.7:4899 SYN ******S*
Oct 3 11:33:51 216.229.142.202:2570 -> xxx.yyy.1.8:4899 SYN ******S*
Oct 3 11:33:48 216.229.142.202:2572 -> xxx.yyy.1.9:4899 SYN ******S*
[...]
Oct 3 11:40:38 216.229.142.202:4210 -> xxx.yyy.255.230:4899 SYN ******S*
Oct 3 11:40:38 216.229.142.202:4219 -> xxx.yyy.255.232:4899 SYN ******S*
Oct 3 11:40:38 216.229.142.202:1472 -> xxx.yyy.255.227:4899 SYN ******S*
Oct 3 11:40:38 216.229.142.202:4206 -> xxx.yyy.255.228:4899 SYN ******S*
Oct 3 11:40:38 216.229.142.202:4245 -> xxx.yyy.255.235:4899 SYN ******S*
Oct 3 11:40:38 216.229.142.202:4213 -> xxx.yyy.255.231:4899 SYN ******S*
Oct 3 11:40:38 216.229.142.202:4234 -> xxx.yyy.255.234:4899 SYN ******S*
Oct 3 11:40:38 216.229.142.202:4224 -> xxx.yyy.255.233:4899 SYN ******S*
Oct 3 11:40:38 216.229.142.202:4209 -> xxx.yyy.255.229:4899 SYN ******S*
46401
Oct 3 00:25:14 212.244.37.68:4892 -> xxx.yyy.1.1:4899 SYN ******S*
Oct 3 00:25:14 212.244.37.68:4894 -> xxx.yyy.1.2:4899 SYN ******S*
Oct 3 00:25:15 212.244.37.68:4895 -> xxx.yyy.1.3:4899 SYN ******S*
Oct 3 00:25:14 212.244.37.68:4897 -> xxx.yyy.1.4:4899 SYN ******S*
Oct 3 00:25:16 212.244.37.68:4898 -> xxx.yyy.1.5:4899 SYN ******S*
Oct 3 00:25:14 212.244.37.68:4900 -> xxx.yyy.1.6:4899 SYN ******S*
Oct 3 00:25:14 212.244.37.68:4902 -> xxx.yyy.1.8:4899 SYN ******S*
Oct 3 00:25:14 212.244.37.68:4901 -> xxx.yyy.1.7:4899 SYN ******S*
[...]
Oct 3 00:40:49 212.244.37.68:2341 -> xxx.yyy.255.211:4899 SYN ******S*
Oct 3 00:40:49 212.244.37.68:2315 -> xxx.yyy.255.185:4899 SYN ******S*
Oct 3 00:40:49 212.244.37.68:2289 -> xxx.yyy.255.160:4899 SYN ******S*
Oct 3 00:40:49 212.244.37.68:2260 -> xxx.yyy.255.131:4899 SYN ******S*
Oct 3 00:40:49 212.244.37.68:2364 -> xxx.yyy.255.234:4899 SYN ******S*
Oct 3 00:40:49 212.244.37.68:2335 -> xxx.yyy.255.205:4899 SYN ******S*
Oct 3 00:40:49 212.244.37.68:2313 -> xxx.yyy.255.183:4899 SYN ******S*
Oct 3 00:40:49 212.244.37.68:2285 -> xxx.yyy.255.154:4899 SYN ******S*
Oct 3 00:40:49 212.244.37.68:2254 -> xxx.yyy.255.125:4899 SYN ******S*
44204
Oct 3 17:45:39 61.172.246.145:2597 -> xxx.yyy.1.3:80 SYN ******S*
Oct 3 17:45:36 61.172.246.145:2591 -> xxx.yyy.1.1:80 SYN ******S*
Oct 3 17:45:36 61.172.246.145:2594 -> xxx.yyy.1.2:80 SYN ******S*
Oct 3 17:45:36 61.172.246.145:2612 -> xxx.yyy.1.5:80 SYN ******S*
Oct 3 17:45:36 61.172.246.145:2598 -> xxx.yyy.1.4:80 SYN ******S*
Oct 3 17:45:36 61.172.246.145:2635 -> xxx.yyy.1.15:80 SYN ******S*
Oct 3 17:45:39 61.172.246.145:2636 -> xxx.yyy.1.16:80 SYN ******S*
Oct 3 17:45:36 61.172.246.145:2641 -> xxx.yyy.1.18:80 SYN ******S*
[...]
Oct 3 17:50:46 61.172.246.145:2253 -> xxx.yyy.255.198:80 SYN ******S*
Oct 3 17:50:46 61.172.246.145:2277 -> xxx.yyy.255.208:80 SYN ******S*
Oct 3 17:50:46 61.172.246.145:2236 -> xxx.yyy.255.191:80 SYN ******S*
Oct 3 17:50:46 61.172.246.145:2364 -> xxx.yyy.255.235:80 SYN ******S*
Oct 3 17:50:46 61.172.246.145:2233 -> xxx.yyy.255.190:80 SYN ******S*
Oct 3 17:50:46 61.172.246.145:2348 -> xxx.yyy.255.231:80 SYN ******S*
Oct 3 17:50:46 61.172.246.145:2372 -> xxx.yyy.255.238:80 SYN ******S*
Oct 3 17:50:46 61.172.246.145:2218 -> xxx.yyy.255.185:80 SYN ******S*
33752
Oct 3 12:40:04 80.230.217.157:4417 -> xxx.yyy.1.0:1433 SYN ******S*
Oct 3 12:40:04 80.230.217.157:4420 -> xxx.yyy.1.1:1433 SYN ******S*
Oct 3 12:40:04 80.230.217.157:4423 -> xxx.yyy.1.2:1433 SYN ******S*
Oct 3 12:40:04 80.230.217.157:4428 -> xxx.yyy.1.3:1433 SYN ******S*
Oct 3 12:40:04 80.230.217.157:4429 -> xxx.yyy.1.4:1433 SYN ******S*
Oct 3 12:40:04 80.230.217.157:4430 -> xxx.yyy.1.5:1433 SYN ******S*
Oct 3 12:40:04 80.230.217.157:4432 -> xxx.yyy.1.6:1433 SYN ******S*
Oct 3 12:40:04 80.230.217.157:4438 -> xxx.yyy.1.8:1433 SYN ******S*
[...]
Oct 3 14:36:59 80.230.217.157:4162 -> xxx.yyy.129.233:1433 SYN ******S*
Oct 3 14:36:59 80.230.217.157:4160 -> xxx.yyy.129.231:1433 SYN ******S*
Oct 3 14:36:59 80.230.217.157:4159 -> xxx.yyy.129.230:1433 SYN ******S*
Oct 3 14:37:00 80.230.217.157:4456 -> xxx.yyy.129.238:1433 SYN ******S*
Oct 3 14:37:00 80.230.217.157:4472 -> xxx.yyy.129.240:1433 SYN ******S*
Oct 3 14:37:01 80.230.217.157:4485 -> xxx.yyy.129.241:1433 SYN ******S*
Oct 3 14:37:01 80.230.217.157:4487 -> xxx.yyy.129.242:1433 SYN ******S*
Oct 3 14:37:01 80.230.217.157:4405 -> xxx.yyy.129.235:1433 SYN ******S*
24828
Oct 3 15:02:48 81.156.132.127:3489 -> xxx.yyy.132.163:1433 SYN ******S*
Oct 3 15:02:48 81.156.132.127:3498 -> xxx.yyy.132.166:1433 SYN ******S*
Oct 3 15:02:48 81.156.132.127:3503 -> xxx.yyy.132.168:1433 SYN ******S*
Oct 3 15:02:48 81.156.132.127:3512 -> xxx.yyy.132.171:1433 SYN ******S*
Oct 3 15:02:48 81.156.132.127:3518 -> xxx.yyy.132.174:1433 SYN ******S*
Oct 3 15:02:48 81.156.132.127:3523 -> xxx.yyy.132.176:1433 SYN ******S*
Oct 3 15:02:48 81.156.132.127:3528 -> xxx.yyy.132.178:1433 SYN ******S*
Oct 3 15:02:48 81.156.132.127:3530 -> xxx.yyy.132.181:1433 SYN ******S*
[...]
Oct 3 15:52:31 81.156.132.127:3752 -> xxx.yyy.235.0:1433 SYN ******S*
Oct 3 15:52:32 81.156.132.127:3759 -> xxx.yyy.235.4:1433 SYN ******S*
Oct 3 15:52:32 81.156.132.127:3758 -> xxx.yyy.235.3:1433 SYN ******S*
Oct 3 15:52:32 81.156.132.127:3770 -> xxx.yyy.235.5:1433 SYN ******S*
Oct 3 15:52:33 81.156.132.127:3784 -> xxx.yyy.235.8:1433 SYN ******S*
Oct 3 15:52:33 81.156.132.127:3790 -> xxx.yyy.235.9:1433 SYN ******S*
Oct 3 15:52:33 81.156.132.127:3799 -> xxx.yyy.235.11:1433 SYN ******S*
Oct 3 15:52:33 81.156.132.127:3797 -> xxx.yyy.235.10:1433 SYN ******S*
Oct 3 15:52:34 81.156.132.127:3812 -> xxx.yyy.235.14:1433 SYN ******S*
23208
Oct 3 08:22:01 217.10.198.10:7297 -> xxx.yyy.1.2:8000 SYN ******S*
Oct 3 08:21:59 217.10.198.10:7300 -> xxx.yyy.1.5:8000 SYN ******S*
Oct 3 08:21:59 217.10.198.10:7303 -> xxx.yyy.1.8:8000 SYN ******S*
Oct 3 08:22:01 217.10.198.10:7306 -> xxx.yyy.1.11:8000 SYN ******S*
Oct 3 08:22:02 217.10.198.10:7308 -> xxx.yyy.1.13:8000 SYN ******S*
Oct 3 08:22:02 217.10.198.10:7333 -> xxx.yyy.1.38:8000 SYN ******S*
Oct 3 08:22:02 217.10.198.10:7359 -> xxx.yyy.1.64:8000 SYN ******S*
Oct 3 08:22:02 217.10.198.10:7372 -> xxx.yyy.1.77:8000 SYN ******S*
[...]
Oct 3 08:43:54 217.10.198.10:10437 -> xxx.yyy.255.210:8000 SYN ******S*
Oct 3 08:43:54 217.10.198.10:10463 -> xxx.yyy.255.236:8000 SYN ******S*
Oct 3 08:43:54 217.10.198.10:10476 -> xxx.yyy.255.249:8000 SYN ******S*
Oct 3 08:43:54 217.10.198.10:10438 -> xxx.yyy.255.211:8000 SYN ******S*
Oct 3 08:43:54 217.10.198.10:10464 -> xxx.yyy.255.237:8000 SYN ******S*
Oct 3 08:43:54 217.10.198.10:10452 -> xxx.yyy.255.225:8000 SYN ******S*
Oct 3 08:43:54 217.10.198.10:10453 -> xxx.yyy.255.226:8000 SYN ******S*
Oct 3 08:43:54 217.10.198.10:10432 -> xxx.yyy.255.205:8000 SYN ******S*
19321
Oct 3 00:21:33 195.67.90.202:61773 -> xxx.yyy.17.29:1433 SYN ******S*
Oct 3 00:21:33 195.67.90.202:61777 -> xxx.yyy.17.23:1433 SYN ******S*
Oct 3 00:21:33 195.67.90.202:61779 -> xxx.yyy.17.24:1433 SYN ******S*
Oct 3 00:21:33 195.67.90.202:61781 -> xxx.yyy.17.25:1433 SYN ******S*
Oct 3 00:21:33 195.67.90.202:61783 -> xxx.yyy.17.26:1433 SYN ******S*
Oct 3 00:21:33 195.67.90.202:61785 -> xxx.yyy.17.27:1433 SYN ******S*
Oct 3 00:21:33 195.67.90.202:61786 -> xxx.yyy.17.28:1433 SYN ******S*
Oct 3 00:21:33 195.67.90.202:61805 -> xxx.yyy.17.39:1433 SYN ******S*
[...]
Oct 3 00:32:39 195.67.90.202:63928 -> xxx.yyy.255.225:1433 SYN ******S*
Oct 3 00:32:39 195.67.90.202:63952 -> xxx.yyy.255.237:1433 SYN ******S*
Oct 3 00:32:39 195.67.90.202:63954 -> xxx.yyy.255.238:1433 SYN ******S*
Oct 3 00:32:39 195.67.90.202:63940 -> xxx.yyy.255.231:1433 SYN ******S*
Oct 3 00:32:39 195.67.90.202:63946 -> xxx.yyy.255.234:1433 SYN ******S*
Oct 3 00:32:39 195.67.90.202:63948 -> xxx.yyy.255.235:1433 SYN ******S*
Oct 3 00:32:39 195.67.90.202:63942 -> xxx.yyy.255.232:1433 SYN ******S*
Oct 3 00:32:39 195.67.90.202:63950 -> xxx.yyy.255.236:1433 SYN ******S*
15667
[...]
15625
Oct 3 18:27:53 82.37.45.160:4675 -> xxx.yyy.1.7:1433 SYN ******S*
Oct 3 18:27:53 82.37.45.160:4686 -> xxx.yyy.1.10:1433 SYN ******S*
Oct 3 18:27:54 82.37.45.160:4723 -> xxx.yyy.1.20:1433 SYN ******S*
Oct 3 18:27:54 82.37.45.160:4806 -> xxx.yyy.1.34:1433 SYN ******S*
Oct 3 18:27:57 82.37.45.160:4808 -> xxx.yyy.1.35:1433 SYN ******S*
Oct 3 18:27:54 82.37.45.160:4814 -> xxx.yyy.1.37:1433 SYN ******S*
Oct 3 18:27:57 82.37.45.160:4818 -> xxx.yyy.1.38:1433 SYN ******S*
Oct 3 18:27:56 82.37.45.160:4655 -> xxx.yyy.1.2:1433 SYN ******S*
[...]
Oct 3 19:48:36 82.37.45.160:3867 -> xxx.yyy.88.133:1433 SYN ******S*
Oct 3 19:48:36 82.37.45.160:3875 -> xxx.yyy.88.136:1433 SYN ******S*
Oct 3 19:48:36 82.37.45.160:3927 -> xxx.yyy.88.137:1433 SYN ******S*
Oct 3 19:48:36 82.37.45.160:4578 -> xxx.yyy.88.80:1433 SYN ******S*
Oct 3 19:48:36 82.37.45.160:4583 -> xxx.yyy.88.81:1433 SYN ******S*
Oct 3 19:48:36 82.37.45.160:4047 -> xxx.yyy.88.143:1433 SYN ******S*
Oct 3 19:48:36 82.37.45.160:4064 -> xxx.yyy.88.148:1433 SYN ******S*
Oct 3 19:48:37 82.37.45.160:4148 -> xxx.yyy.88.156:1433 SYN ******S*
Oct 3 19:48:37 82.37.45.160:4936 -> xxx.yyy.88.172:1433 SYN ******S*
13956
[...]
11673
Oct 3 00:05:51 60.35.131.73:1610 -> xxx.yyy.235.115:5554 SYN ******S*
Oct 3 00:05:51 60.35.131.73:1618 -> xxx.yyy.235.121:5554 SYN ******S*
Oct 3 00:05:51 60.35.131.73:1616 -> xxx.yyy.235.119:5554 SYN ******S*
Oct 3 00:05:52 60.35.131.73:2350 -> xxx.yyy.235.119:1023 SYN ******S*
Oct 3 00:05:51 60.35.131.73:1624 -> xxx.yyy.235.125:5554 SYN ******S*
Oct 3 00:05:52 60.35.131.73:2360 -> xxx.yyy.235.125:1023 SYN ******S*
Oct 3 00:05:54 60.35.131.73:4797 -> xxx.yyy.235.125:9898 SYN ******S*
Oct 3 00:05:51 60.35.131.73:1625 -> xxx.yyy.235.126:5554 SYN ******S*
[...]
Oct 3 00:06:37 60.35.131.73:1817 -> xxx.yyy.255.164:9898 SYN ******S*
Oct 3 00:06:37 60.35.131.73:1819 -> xxx.yyy.255.165:9898 SYN ******S*
Oct 3 00:06:37 60.35.131.73:1832 -> xxx.yyy.255.168:9898 SYN ******S*
Oct 3 00:06:37 60.35.131.73:1835 -> xxx.yyy.255.169:9898 SYN ******S*
Oct 3 00:06:37 60.35.131.73:1836 -> xxx.yyy.255.170:9898 SYN ******S*
Oct 3 00:06:37 60.35.131.73:1850 -> xxx.yyy.255.171:9898 SYN ******S*
Oct 3 00:06:37 60.35.131.73:2018 -> xxx.yyy.255.210:9898 SYN ******S*
Oct 3 00:06:37 60.35.131.73:2093 -> xxx.yyy.255.233:9898 SYN ******S*
10834
Oct 3 02:08:40 221.146.198.224:3061 -> xxx.yyy.133.14:5554 SYN ******S*
Oct 3 02:08:41 221.146.198.224:3611 -> xxx.yyy.133.14:1023 SYN ******S*
Oct 3 02:08:43 221.146.198.224:4864 -> xxx.yyy.133.14:9898 SYN ******S*
Oct 3 02:08:40 221.146.198.224:3064 -> xxx.yyy.133.17:5554 SYN ******S*
Oct 3 02:08:41 221.146.198.224:3614 -> xxx.yyy.133.17:1023 SYN ******S*
Oct 3 02:08:43 221.146.198.224:4867 -> xxx.yyy.133.17:9898 SYN ******S*
Oct 3 02:08:40 221.146.198.224:3074 -> xxx.yyy.133.26:5554 SYN ******S*
Oct 3 02:08:41 221.146.198.224:3623 -> xxx.yyy.133.26:1023 SYN ******S*
[...]
Oct 3 02:09:22 221.146.198.224:4879 -> xxx.yyy.153.135:9898 SYN ******S*
Oct 3 02:09:20 221.146.198.224:3648 -> xxx.yyy.153.136:1023 SYN ******S*
Oct 3 02:09:20 221.146.198.224:3645 -> xxx.yyy.153.133:1023 SYN ******S*
Oct 3 02:09:20 221.146.198.224:3646 -> xxx.yyy.153.134:1023 SYN ******S*
Oct 3 02:09:22 221.146.198.224:4878 -> xxx.yyy.153.134:9898 SYN ******S*
Oct 3 02:09:22 221.146.198.224:4781 -> xxx.yyy.153.78:9898 SYN ******S*
Oct 3 02:09:22 221.146.198.224:4830 -> xxx.yyy.153.93:9898 SYN ******S*
Oct 3 02:09:22 221.146.198.224:4831 -> xxx.yyy.153.94:9898 SYN ******S*
Oct 3 02:09:22 221.146.198.224:4875 -> xxx.yyy.153.131:9898 SYN ******S*
9522
Oct 3 14:08:45 81.156.135.255:3142 -> xxx.yyy.10.0:1433 SYN ******S*
Oct 3 14:08:45 81.156.135.255:3152 -> xxx.yyy.10.1:1433 SYN ******S*
Oct 3 14:08:45 81.156.135.255:3162 -> xxx.yyy.10.2:1433 SYN ******S*
Oct 3 14:08:42 81.156.135.255:3174 -> xxx.yyy.10.4:1433 SYN ******S*
Oct 3 14:08:45 81.156.135.255:3202 -> xxx.yyy.10.6:1433 SYN ******S*
Oct 3 14:08:42 81.156.135.255:3253 -> xxx.yyy.10.9:1433 SYN ******S*
Oct 3 14:08:43 81.156.135.255:3291 -> xxx.yyy.10.11:1433 SYN ******S*
Oct 3 14:08:43 81.156.135.255:3296 -> xxx.yyy.10.12:1433 SYN ******S*
[...]
Oct 3 15:02:26 81.156.135.255:3862 -> xxx.yyy.128.219:1433 SYN ******S*
Oct 3 15:02:27 81.156.135.255:4083 -> xxx.yyy.128.232:1433 SYN ******S*
Oct 3 15:02:27 81.156.135.255:4104 -> xxx.yyy.128.234:1433 SYN ******S*
Oct 3 15:02:27 81.156.135.255:3525 -> xxx.yyy.128.206:1433 SYN ******S*
Oct 3 15:02:27 81.156.135.255:4122 -> xxx.yyy.128.236:1433 SYN ******S*
Oct 3 15:02:28 81.156.135.255:3966 -> xxx.yyy.128.223:1433 SYN ******S*
Oct 3 15:02:28 81.156.135.255:4140 -> xxx.yyy.128.237:1433 SYN ******S*
Oct 3 15:02:28 81.156.135.255:4161 -> xxx.yyy.128.239:1433 SYN ******S*
8775
Oct 3 00:00:07 24.225.171.36:34147 -> xxx.yyy.81.85:4779 INVALIDACK ***A*R*F
Oct 3 00:00:04 24.225.171.36:34147 -> xxx.yyy.81.85:4769 INVALIDACK ***A*R*F
Oct 3 00:00:10 24.225.171.36:34147 -> xxx.yyy.81.85:4769 INVALIDACK ***A*R*F
Oct 3 00:00:13 24.225.171.36:34147 -> xxx.yyy.81.85:4779 INVALIDACK ***A*R*F
Oct 3 00:00:46 24.225.171.36:34147 -> xxx.yyy.81.85:4907 INVALIDACK ***A*R*F
Oct 3 00:00:48 24.225.171.36:34147 -> xxx.yyy.81.85:4919 INVALIDACK ***A*R*F
Oct 3 00:00:51 24.225.171.36:34147 -> xxx.yyy.81.85:4919 INVALIDACK ***A*R*F
Oct 3 00:00:55 24.225.171.36:34147 -> xxx.yyy.81.85:4907 INVALIDACK ***A*R*F
[...]
Oct 3 23:58:47 24.225.171.36:34147 -> xxx.yyy.81.85:4387 INVALIDACK ***A*R*F
Oct 3 23:58:51 24.225.171.36:34147 -> xxx.yyy.81.85:4399 INVALIDACK ***A*R*F
Oct 3 23:58:56 24.225.171.36:34147 -> xxx.yyy.81.85:4386 INVALIDACK ***A*R*F
Oct 3 23:59:49 24.225.171.36:34147 -> xxx.yyy.81.85:3452 INVALIDACK ***A*R*F
Oct 3 23:59:49 24.225.171.36:34147 -> xxx.yyy.81.85:3453 INVALIDACK ***A*R*F
Oct 3 23:59:52 24.225.171.36:34147 -> xxx.yyy.81.85:3451 INVALIDACK ***A*R*F
Oct 3 23:59:58 24.225.171.36:34147 -> xxx.yyy.81.85:3452 INVALIDACK ***A*R*F
Oct 3 23:59:58 24.225.171.36:34147 -> xxx.yyy.81.85:3451 INVALIDACK ***A*R*F
Oct 3 23:59:58 24.225.171.36:34147 -> xxx.yyy.81.85:3453 INVALIDACK ***A*R*F
7767
Oct 3 01:00:16 221.192.37.27:2484 -> xxx.yyy.133.15:1023 SYN ******S*
Oct 3 01:00:18 221.192.37.27:3701 -> xxx.yyy.133.15:9898 SYN ******S*
Oct 3 01:00:16 221.192.37.27:2489 -> xxx.yyy.133.18:1023 SYN ******S*
Oct 3 01:00:18 221.192.37.27:3716 -> xxx.yyy.133.18:9898 SYN ******S*
Oct 3 01:00:16 221.192.37.27:2486 -> xxx.yyy.133.17:1023 SYN ******S*
Oct 3 01:00:18 221.192.37.27:3710 -> xxx.yyy.133.17:9898 SYN ******S*
Oct 3 01:00:16 221.192.37.27:2492 -> xxx.yyy.133.14:1023 SYN ******S*
Oct 3 01:00:18 221.192.37.27:3718 -> xxx.yyy.133.14:9898 SYN ******S*
[...]
Oct 3 01:01:01 221.192.37.27:4141 -> xxx.yyy.133.40:9898 SYN ******S*
Oct 3 01:01:01 221.192.37.27:4165 -> xxx.yyy.133.46:9898 SYN ******S*
Oct 3 01:01:01 221.192.37.27:4194 -> xxx.yyy.133.31:9898 SYN ******S*
Oct 3 01:01:01 221.192.37.27:4387 -> xxx.yyy.133.49:9898 SYN ******S*
Oct 3 01:01:01 221.192.37.27:4402 -> xxx.yyy.133.42:9898 SYN ******S*
Oct 3 01:01:01 221.192.37.27:4397 -> xxx.yyy.133.43:9898 SYN ******S*
Oct 3 01:01:01 221.192.37.27:4408 -> xxx.yyy.133.52:9898 SYN ******S*
Oct 3 01:01:01 221.192.37.27:4355 -> xxx.yyy.133.55:9898 SYN ******S*
Oct 3 01:01:02 221.192.37.27:4466 -> xxx.yyy.133.50:9898 SYN ******S*
7557
Oct 3 23:56:06 211.198.145.218:2097 -> xxx.yyy.153.137:5554 SYN ******S*
Oct 3 23:56:07 211.198.145.218:2600 -> xxx.yyy.153.137:1023 SYN ******S*
Oct 3 23:56:06 211.198.145.218:2110 -> xxx.yyy.153.144:5554 SYN ******S*
Oct 3 23:56:09 211.198.145.218:3566 -> xxx.yyy.153.144:9898 SYN ******S*
Oct 3 23:56:07 211.198.145.218:2116 -> xxx.yyy.153.148:5554 SYN ******S*
Oct 3 23:56:06 211.198.145.218:2099 -> xxx.yyy.153.136:5554 SYN ******S*
Oct 3 23:56:06 211.198.145.218:2102 -> xxx.yyy.153.139:5554 SYN ******S*
Oct 3 23:56:06 211.198.145.218:2105 -> xxx.yyy.153.142:5554 SYN ******S*
[...]
Oct 3 23:57:30 211.198.145.218:3565 -> xxx.yyy.174.220:9898 SYN ******S*
Oct 3 23:57:30 211.198.145.218:3528 -> xxx.yyy.174.195:9898 SYN ******S*
Oct 3 23:57:30 211.198.145.218:3567 -> xxx.yyy.174.222:9898 SYN ******S*
Oct 3 23:57:30 211.198.145.218:3564 -> xxx.yyy.174.219:9898 SYN ******S*
Oct 3 23:57:30 211.198.145.218:3534 -> xxx.yyy.174.198:9898 SYN ******S*
Oct 3 23:57:30 211.198.145.218:3540 -> xxx.yyy.174.201:9898 SYN ******S*
Oct 3 23:57:30 211.198.145.218:3541 -> xxx.yyy.174.202:9898 SYN ******S*
Oct 3 23:57:30 211.198.145.218:3542 -> xxx.yyy.174.203:9898 SYN ******S*
Oct 3 23:57:30 211.198.145.218:3526 -> xxx.yyy.174.194:9898 SYN ******S*
6790
Oct 3 00:56:43 221.202.55.92:4925 -> xxx.yyy.215.216:5554 SYN ******S*
Oct 3 00:56:43 221.202.55.92:4930 -> xxx.yyy.215.217:5554 SYN ******S*
Oct 3 00:56:46 221.202.55.92:2586 -> xxx.yyy.215.217:9898 SYN ******S*
Oct 3 00:56:43 221.202.55.92:4937 -> xxx.yyy.215.218:5554 SYN ******S*
Oct 3 00:56:44 221.202.55.92:1514 -> xxx.yyy.215.218:1023 SYN ******S*
Oct 3 00:56:46 221.202.55.92:2587 -> xxx.yyy.215.218:9898 SYN ******S*
Oct 3 00:56:43 221.202.55.92:4938 -> xxx.yyy.215.219:5554 SYN ******S*
Oct 3 00:56:44 221.202.55.92:1515 -> xxx.yyy.215.219:1023 SYN ******S*
[...]
Oct 3 00:57:26 221.202.55.92:4633 -> xxx.yyy.236.26:9898 SYN ******S*
Oct 3 00:57:26 221.202.55.92:4634 -> xxx.yyy.236.27:9898 SYN ******S*
Oct 3 00:57:26 221.202.55.92:4649 -> xxx.yyy.236.40:9898 SYN ******S*
Oct 3 00:57:26 221.202.55.92:4687 -> xxx.yyy.236.54:9898 SYN ******S*
Oct 3 00:57:26 221.202.55.92:4690 -> xxx.yyy.236.57:9898 SYN ******S*
Oct 3 00:57:26 221.202.55.92:4700 -> xxx.yyy.236.67:9898 SYN ******S*
Oct 3 00:57:26 221.202.55.92:4713 -> xxx.yyy.236.70:9898 SYN ******S*
Oct 3 00:57:26 221.202.55.92:4757 -> xxx.yyy.217.127:9898 SYN ******S*
Oct 3 00:57:26 221.202.55.92:4765 -> xxx.yyy.217.134:9898 SYN ******S*
6365
Oct 3 00:56:04 218.65.28.227:1416 -> xxx.yyy.235.113:5554 SYN ******S*
Oct 3 00:56:04 218.65.28.227:1419 -> xxx.yyy.235.115:5554 SYN ******S*
Oct 3 00:56:07 218.65.28.227:3755 -> xxx.yyy.235.115:9898 SYN ******S*
Oct 3 00:56:04 218.65.28.227:1423 -> xxx.yyy.235.118:5554 SYN ******S*
Oct 3 00:56:04 218.65.28.227:1424 -> xxx.yyy.235.119:5554 SYN ******S*
Oct 3 00:56:04 218.65.28.227:1425 -> xxx.yyy.235.120:5554 SYN ******S*
Oct 3 00:56:04 218.65.28.227:1426 -> xxx.yyy.235.121:5554 SYN ******S*
Oct 3 00:56:05 218.65.28.227:2142 -> xxx.yyy.235.121:1023 SYN ******S*
[...]
Oct 3 00:56:46 218.65.28.227:3286 -> xxx.yyy.255.113:9898 SYN ******S*
Oct 3 00:56:46 218.65.28.227:3295 -> xxx.yyy.255.130:9898 SYN ******S*
Oct 3 00:56:46 218.65.28.227:3363 -> xxx.yyy.255.150:9898 SYN ******S*
Oct 3 00:56:46 218.65.28.227:3370 -> xxx.yyy.255.158:9898 SYN ******S*
Oct 3 00:56:46 218.65.28.227:3385 -> xxx.yyy.255.133:9898 SYN ******S*
Oct 3 00:56:46 218.65.28.227:3386 -> xxx.yyy.255.137:9898 SYN ******S*
Oct 3 00:56:46 218.65.28.227:3389 -> xxx.yyy.255.138:9898 SYN ******S*
Oct 3 00:56:46 218.65.28.227:3410 -> xxx.yyy.255.189:9898 SYN ******S*
Oct 3 00:56:46 218.65.28.227:3412 -> xxx.yyy.255.201:9898 SYN ******S*
6020
Oct 3 10:43:08 221.236.87.84:3714 -> xxx.yyy.1.1:1433 SYN ******S*
Oct 3 10:43:11 221.236.87.84:3718 -> xxx.yyy.1.2:1433 SYN ******S*
Oct 3 10:43:08 221.236.87.84:3720 -> xxx.yyy.1.3:1433 SYN ******S*
Oct 3 10:43:11 221.236.87.84:3723 -> xxx.yyy.1.5:1433 SYN ******S*
Oct 3 10:43:08 221.236.87.84:3727 -> xxx.yyy.1.6:1433 SYN ******S*
Oct 3 10:43:08 221.236.87.84:3773 -> xxx.yyy.1.11:1433 SYN ******S*
Oct 3 10:43:08 221.236.87.84:3779 -> xxx.yyy.1.13:1433 SYN ******S*
Oct 3 10:43:08 221.236.87.84:3707 -> xxx.yyy.1.0:1433 SYN ******S*
[...]
Oct 3 11:44:10 221.236.87.84:3960 -> xxx.yyy.68.151:1433 SYN ******S*
Oct 3 11:44:10 221.236.87.84:3292 -> xxx.yyy.68.196:1433 SYN ******S*
Oct 3 11:44:10 221.236.87.84:3999 -> xxx.yyy.68.152:1433 SYN ******S*
Oct 3 11:44:11 221.236.87.84:4031 -> xxx.yyy.68.153:1433 SYN ******S*
Oct 3 11:44:11 221.236.87.84:3959 -> xxx.yyy.68.150:1433 SYN ******S*
Oct 3 11:44:12 221.236.87.84:4297 -> xxx.yyy.68.158:1433 SYN ******S*
Oct 3 11:44:12 221.236.87.84:3443 -> xxx.yyy.68.197:1433 SYN ******S*
Oct 3 11:44:13 221.236.87.84:3511 -> xxx.yyy.68.201:1433 SYN ******S*
5843
Oct 3 23:56:58 220.118.17.163:1859 -> xxx.yyy.133.237:5554 SYN ******S*
Oct 3 23:56:58 220.118.17.163:1842 -> xxx.yyy.133.248:5554 SYN ******S*
Oct 3 23:56:58 220.118.17.163:1865 -> xxx.yyy.134.7:5554 SYN ******S*
Oct 3 23:56:59 220.118.17.163:2058 -> xxx.yyy.134.9:5554 SYN ******S*
Oct 3 23:56:59 220.118.17.163:2061 -> xxx.yyy.134.11:5554 SYN ******S*
Oct 3 23:56:59 220.118.17.163:2074 -> xxx.yyy.134.12:5554 SYN ******S*
Oct 3 23:56:59 220.118.17.163:2088 -> xxx.yyy.133.234:1023 SYN ******S*
Oct 3 23:56:59 220.118.17.163:2090 -> xxx.yyy.134.3:1023 SYN ******S*
[...]
Oct 3 23:59:01 220.118.17.163:3610 -> xxx.yyy.154.7:9898 SYN ******S*
Oct 3 23:59:01 220.118.17.163:3654 -> xxx.yyy.154.12:9898 SYN ******S*
Oct 3 23:59:01 220.118.17.163:3648 -> xxx.yyy.154.9:9898 SYN ******S*
Oct 3 23:59:02 220.118.17.163:3925 -> xxx.yyy.154.41:9898 SYN ******S*
Oct 3 23:59:02 220.118.17.163:3980 -> xxx.yyy.154.64:9898 SYN ******S*
Oct 3 23:59:02 220.118.17.163:3992 -> xxx.yyy.154.69:9898 SYN ******S*
Oct 3 23:59:02 220.118.17.163:3993 -> xxx.yyy.154.68:9898 SYN ******S*
Oct 3 23:59:02 220.118.17.163:4001 -> xxx.yyy.154.73:9898 SYN ******S*
Oct 3 23:59:02 220.118.17.163:4185 -> xxx.yyy.154.98:9898 SYN ******S*
5830
--
- Ken
===========================================================================
Ken Connelly (KC152) Systems and Operations Manager, ITS - Network Services
University of Northern Iowa Cedar Falls, IA 50614-0121
email: Ken.Connelly at uni.edu phone: (319) 273-5850 fax: (319) 273-7373
More information about the Intrusions
mailing list