[Intrusions] [LOGS] Summary of large-scale portscanning detects
Ken.Connelly at uni.edu
Ken.Connelly at uni.edu
Fri Sep 3 13:22:12 GMT 2004
The following extracts show the beginning and ending of scan activity
was detected on my network. The number following each set is the total
number of probes for that source. Timestamps are GMT-0500.
Sep 2 00:02:19 80.8.158.174:4969 -> xxx.yyy.64.0:1433 SYN ******S*
Sep 2 00:02:19 80.8.158.174:4970 -> xxx.yyy.64.1:1433 SYN ******S*
Sep 2 00:02:19 80.8.158.174:4971 -> xxx.yyy.64.2:1433 SYN ******S*
Sep 2 00:02:19 80.8.158.174:4975 -> xxx.yyy.64.5:1433 SYN ******S*
Sep 2 00:02:19 80.8.158.174:4979 -> xxx.yyy.64.6:1433 SYN ******S*
Sep 2 00:02:19 80.8.158.174:4985 -> xxx.yyy.64.9:1433 SYN ******S*
Sep 2 00:02:19 80.8.158.174:4983 -> xxx.yyy.64.8:1433 SYN ******S*
Sep 2 00:02:19 80.8.158.174:4980 -> xxx.yyy.64.7:1433 SYN ******S*
[...]
Sep 2 02:54:37 80.8.158.174:3091 -> xxx.yyy.255.247:1433 SYN ******S*
Sep 2 02:54:37 80.8.158.174:3093 -> xxx.yyy.255.248:1433 SYN ******S*
Sep 2 02:54:37 80.8.158.174:3097 -> xxx.yyy.255.249:1433 SYN ******S*
Sep 2 02:54:37 80.8.158.174:3103 -> xxx.yyy.255.250:1433 SYN ******S*
Sep 2 02:54:37 80.8.158.174:3105 -> xxx.yyy.255.251:1433 SYN ******S*
Sep 2 02:54:37 80.8.158.174:3107 -> xxx.yyy.255.252:1433 SYN ******S*
Sep 2 02:54:38 80.8.158.174:3110 -> xxx.yyy.255.253:1433 SYN ******S*
Sep 2 02:54:38 80.8.158.174:3113 -> xxx.yyy.255.254:1433 SYN ******S*
93752
Sep 2 20:42:34 64.223.53.196:3005 -> xxx.yyy.29.0:1433 SYN ******S*
Sep 2 20:42:31 64.223.53.196:3008 -> xxx.yyy.29.3:1433 SYN ******S*
Sep 2 20:42:31 64.223.53.196:3011 -> xxx.yyy.29.5:1433 SYN ******S*
Sep 2 20:42:34 64.223.53.196:3013 -> xxx.yyy.29.7:1433 SYN ******S*
Sep 2 20:42:31 64.223.53.196:3019 -> xxx.yyy.29.10:1433 SYN ******S*
Sep 2 20:42:34 64.223.53.196:3020 -> xxx.yyy.29.11:1433 SYN ******S*
Sep 2 20:42:31 64.223.53.196:3023 -> xxx.yyy.29.12:1433 SYN ******S*
Sep 2 20:42:34 64.223.53.196:3028 -> xxx.yyy.29.13:1433 SYN ******S*
[...]
Sep 2 23:59:59 64.223.53.196:2256 -> xxx.yyy.248.98:1433 SYN ******S*
Sep 2 23:59:59 64.223.53.196:2272 -> xxx.yyy.248.103:1433 SYN ******S*
Sep 3 00:00:00 64.223.53.196:2274 -> xxx.yyy.248.104:1433 SYN ******S*
Sep 3 00:00:00 64.223.53.196:2283 -> xxx.yyy.248.107:1433 SYN ******S*
Sep 3 00:00:00 64.223.53.196:2282 -> xxx.yyy.248.106:1433 SYN ******S*
Sep 3 00:00:00 64.223.53.196:2280 -> xxx.yyy.248.105:1433 SYN ******S*
Sep 3 00:00:00 64.223.53.196:2289 -> xxx.yyy.248.110:1433 SYN ******S*
Sep 3 00:00:00 64.223.53.196:2287 -> xxx.yyy.248.109:1433 SYN ******S*
Sep 3 00:00:00 64.223.53.196:2529 -> xxx.yyy.248.131:1433 SYN ******S*
81366
Sep 2 07:38:14 142.59.57.201:4581 -> xxx.yyy.1.0:1433 SYN ******S*
Sep 2 07:38:14 142.59.57.201:4583 -> xxx.yyy.1.1:1433 SYN ******S*
Sep 2 07:38:14 142.59.57.201:4585 -> xxx.yyy.1.2:1433 SYN ******S*
Sep 2 07:38:14 142.59.57.201:4590 -> xxx.yyy.1.3:1433 SYN ******S*
Sep 2 07:38:12 142.59.57.201:4594 -> xxx.yyy.1.4:1433 SYN ******S*
Sep 2 07:38:14 142.59.57.201:4595 -> xxx.yyy.1.5:1433 SYN ******S*
Sep 2 07:38:14 142.59.57.201:4599 -> xxx.yyy.1.6:1433 SYN ******S*
Sep 2 07:38:14 142.59.57.201:4602 -> xxx.yyy.1.7:1433 SYN ******S*
[...]
Sep 2 11:26:59 142.59.57.201:4602 -> xxx.yyy.255.243:1433 SYN ******S*
Sep 2 11:26:59 142.59.57.201:4618 -> xxx.yyy.255.245:1433 SYN ******S*
Sep 2 11:26:59 142.59.57.201:4622 -> xxx.yyy.255.246:1433 SYN ******S*
Sep 2 11:27:00 142.59.57.201:4630 -> xxx.yyy.255.247:1433 SYN ******S*
Sep 2 11:27:00 142.59.57.201:4638 -> xxx.yyy.255.248:1433 SYN ******S*
Sep 2 11:27:00 142.59.57.201:4643 -> xxx.yyy.255.249:1433 SYN ******S*
Sep 2 11:27:00 142.59.57.201:4648 -> xxx.yyy.255.250:1433 SYN ******S*
Sep 2 11:27:00 142.59.57.201:4657 -> xxx.yyy.255.252:1433 SYN ******S*
Sep 2 11:27:01 142.59.57.201:4673 -> xxx.yyy.255.254:1433 SYN ******S*
75172
Sep 2 02:27:13 24.106.207.231:3623 -> xxx.yyy.1.1:4899 SYN ******S*
Sep 2 02:27:13 24.106.207.231:3625 -> xxx.yyy.1.2:4899 SYN ******S*
Sep 2 02:27:13 24.106.207.231:3627 -> xxx.yyy.1.3:4899 SYN ******S*
Sep 2 02:27:14 24.106.207.231:3631 -> xxx.yyy.1.5:4899 SYN ******S*
Sep 2 02:27:14 24.106.207.231:3629 -> xxx.yyy.1.4:4899 SYN ******S*
Sep 2 02:27:14 24.106.207.231:3635 -> xxx.yyy.1.7:4899 SYN ******S*
Sep 2 02:27:14 24.106.207.231:3633 -> xxx.yyy.1.6:4899 SYN ******S*
Sep 2 02:27:14 24.106.207.231:3637 -> xxx.yyy.1.8:4899 SYN ******S*
[...]
Sep 2 03:12:24 24.106.207.231:2713 -> xxx.yyy.zzz.245:4899 SYN ******S*
Sep 2 03:12:24 24.106.207.231:2708 -> xxx.yyy.zzz.240:4899 SYN ******S*
Sep 2 03:12:24 24.106.207.231:2709 -> xxx.yyy.zzz.241:4899 SYN ******S*
Sep 2 03:12:25 24.106.207.231:2719 -> xxx.yyy.zzz.251:4899 SYN ******S*
Sep 2 03:12:25 24.106.207.231:2718 -> xxx.yyy.zzz.250:4899 SYN ******S*
Sep 2 03:12:25 24.106.207.231:2722 -> xxx.yyy.zzz.254:4899 SYN ******S*
Sep 2 03:12:25 24.106.207.231:2720 -> xxx.yyy.zzz.252:4899 SYN ******S*
Sep 2 03:12:25 24.106.207.231:2721 -> xxx.yyy.zzz.253:4899 SYN ******S*
Sep 2 03:12:25 24.106.207.231:2717 -> xxx.yyy.zzz.249:4899 SYN ******S*
70983
Sep 2 06:18:11 63.172.124.58:2426 -> xxx.yyy.1.1:8443 SYN ******S*
Sep 2 06:18:11 63.172.124.58:2427 -> xxx.yyy.1.2:8443 SYN ******S*
Sep 2 06:18:11 63.172.124.58:2428 -> xxx.yyy.1.3:8443 SYN ******S*
Sep 2 06:18:13 63.172.124.58:2429 -> xxx.yyy.1.4:8443 SYN ******S*
Sep 2 06:18:13 63.172.124.58:2430 -> xxx.yyy.1.5:8443 SYN ******S*
Sep 2 06:18:13 63.172.124.58:2431 -> xxx.yyy.1.6:8443 SYN ******S*
Sep 2 06:18:13 63.172.124.58:2433 -> xxx.yyy.1.8:8443 SYN ******S*
Sep 2 06:18:13 63.172.124.58:2432 -> xxx.yyy.1.7:8443 SYN ******S*
[...]
Sep 2 06:30:06 63.172.124.58:1057 -> xxx.yyy.255.238:8443 SYN ******S*
Sep 2 06:30:06 63.172.124.58:1071 -> xxx.yyy.255.252:8443 SYN ******S*
Sep 2 06:30:06 63.172.124.58:1068 -> xxx.yyy.255.249:8443 SYN ******S*
Sep 2 06:30:06 63.172.124.58:1065 -> xxx.yyy.255.246:8443 SYN ******S*
Sep 2 06:30:06 63.172.124.58:1072 -> xxx.yyy.255.253:8443 SYN ******S*
Sep 2 06:30:06 63.172.124.58:1070 -> xxx.yyy.255.251:8443 SYN ******S*
Sep 2 06:30:06 63.172.124.58:1069 -> xxx.yyy.255.250:8443 SYN ******S*
Sep 2 06:30:06 63.172.124.58:1066 -> xxx.yyy.255.247:8443 SYN ******S*
Sep 2 06:30:06 63.172.124.58:1067 -> xxx.yyy.255.248:8443 SYN ******S*
70480
Sep 2 01:41:56 149.169.41.149:2836 -> xxx.yyy.1.1:1433 SYN ******S*
Sep 2 01:41:56 149.169.41.149:2837 -> xxx.yyy.1.2:1433 SYN ******S*
Sep 2 01:41:56 149.169.41.149:2838 -> xxx.yyy.1.3:1433 SYN ******S*
Sep 2 01:41:56 149.169.41.149:2839 -> xxx.yyy.1.4:1433 SYN ******S*
Sep 2 01:41:59 149.169.41.149:2840 -> xxx.yyy.1.5:1433 SYN ******S*
Sep 2 01:41:59 149.169.41.149:2841 -> xxx.yyy.1.6:1433 SYN ******S*
Sep 2 01:41:59 149.169.41.149:2842 -> xxx.yyy.1.7:1433 SYN ******S*
Sep 2 01:41:59 149.169.41.149:2843 -> xxx.yyy.1.8:1433 SYN ******S*
[...]
Sep 2 01:52:54 149.169.41.149:1813 -> xxx.yyy.255.238:1433 SYN ******S*
Sep 2 01:52:54 149.169.41.149:1827 -> xxx.yyy.255.252:1433 SYN ******S*
Sep 2 01:52:54 149.169.41.149:1824 -> xxx.yyy.255.249:1433 SYN ******S*
Sep 2 01:52:54 149.169.41.149:1825 -> xxx.yyy.255.250:1433 SYN ******S*
Sep 2 01:52:54 149.169.41.149:1829 -> xxx.yyy.255.254:1433 SYN ******S*
Sep 2 01:52:54 149.169.41.149:1826 -> xxx.yyy.255.251:1433 SYN ******S*
Sep 2 01:52:54 149.169.41.149:1828 -> xxx.yyy.255.253:1433 SYN ******S*
Sep 2 01:52:54 149.169.41.149:1823 -> xxx.yyy.255.248:1433 SYN ******S*
64536
Sep 2 22:25:07 195.56.144.154:2831 -> xxx.yyy.1.3:3306 SYN ******S*
Sep 2 22:25:06 195.56.144.154:2832 -> xxx.yyy.1.4:3306 SYN ******S*
Sep 2 22:25:09 195.56.144.154:2834 -> xxx.yyy.1.6:3306 SYN ******S*
Sep 2 22:25:09 195.56.144.154:2836 -> xxx.yyy.1.8:3306 SYN ******S*
Sep 2 22:25:09 195.56.144.154:2837 -> xxx.yyy.1.9:3306 SYN ******S*
Sep 2 22:25:08 195.56.144.154:2839 -> xxx.yyy.1.11:3306 SYN ******S*
Sep 2 22:25:07 195.56.144.154:2843 -> xxx.yyy.1.15:3306 SYN ******S*
Sep 2 22:25:08 195.56.144.154:2844 -> xxx.yyy.1.16:3306 SYN ******S*
[...]
Sep 2 22:36:49 195.56.144.154:1445 -> xxx.yyy.255.250:3306 SYN ******S*
Sep 2 22:36:49 195.56.144.154:1447 -> xxx.yyy.255.252:3306 SYN ******S*
Sep 2 22:36:49 195.56.144.154:1446 -> xxx.yyy.255.251:3306 SYN ******S*
Sep 2 22:36:49 195.56.144.154:1442 -> xxx.yyy.255.247:3306 SYN ******S*
Sep 2 22:36:49 195.56.144.154:1440 -> xxx.yyy.255.245:3306 SYN ******S*
Sep 2 22:36:49 195.56.144.154:1443 -> xxx.yyy.255.248:3306 SYN ******S*
Sep 2 22:36:49 195.56.144.154:1444 -> xxx.yyy.255.249:3306 SYN ******S*
Sep 2 22:36:49 195.56.144.154:1441 -> xxx.yyy.255.246:3306 SYN ******S*
50149
Sep 2 09:54:49 149.169.72.37:2047 -> xxx.yyy.1.1:1433 SYN ******S*
Sep 2 09:54:52 149.169.72.37:2048 -> xxx.yyy.1.2:1433 SYN ******S*
Sep 2 09:54:52 149.169.72.37:2049 -> xxx.yyy.1.3:1433 SYN ******S*
Sep 2 09:54:52 149.169.72.37:2050 -> xxx.yyy.1.4:1433 SYN ******S*
Sep 2 09:54:52 149.169.72.37:2051 -> xxx.yyy.1.5:1433 SYN ******S*
Sep 2 09:54:52 149.169.72.37:2052 -> xxx.yyy.1.6:1433 SYN ******S*
Sep 2 09:54:52 149.169.72.37:2053 -> xxx.yyy.1.7:1433 SYN ******S*
Sep 2 09:54:52 149.169.72.37:2055 -> xxx.yyy.1.9:1433 SYN ******S*
[...]
Sep 2 10:05:47 149.169.72.37:4636 -> xxx.yyy.255.245:1433 SYN ******S*
Sep 2 10:05:47 149.169.72.37:4633 -> xxx.yyy.255.242:1433 SYN ******S*
Sep 2 10:05:47 149.169.72.37:4630 -> xxx.yyy.255.239:1433 SYN ******S*
Sep 2 10:05:47 149.169.72.37:4634 -> xxx.yyy.255.243:1433 SYN ******S*
Sep 2 10:05:47 149.169.72.37:4637 -> xxx.yyy.255.246:1433 SYN ******S*
Sep 2 10:05:47 149.169.72.37:4631 -> xxx.yyy.255.240:1433 SYN ******S*
Sep 2 10:05:47 149.169.72.37:4635 -> xxx.yyy.255.244:1433 SYN ******S*
Sep 2 10:05:47 149.169.72.37:4632 -> xxx.yyy.255.241:1433 SYN ******S*
Sep 2 10:05:47 149.169.72.37:4629 -> xxx.yyy.255.238:1433 SYN ******S*
39328
Sep 2 08:02:47 24.45.180.116:3053 -> xxx.yyy.1.1:1433 SYN ******S*
Sep 2 08:02:47 24.45.180.116:3055 -> xxx.yyy.1.2:1433 SYN ******S*
Sep 2 08:02:47 24.45.180.116:3057 -> xxx.yyy.1.3:1433 SYN ******S*
Sep 2 08:02:47 24.45.180.116:3061 -> xxx.yyy.1.5:1433 SYN ******S*
Sep 2 08:02:47 24.45.180.116:3063 -> xxx.yyy.1.6:1433 SYN ******S*
Sep 2 08:02:47 24.45.180.116:3065 -> xxx.yyy.1.7:1433 SYN ******S*
Sep 2 08:02:47 24.45.180.116:3067 -> xxx.yyy.1.8:1433 SYN ******S*
Sep 2 08:02:47 24.45.180.116:3069 -> xxx.yyy.1.9:1433 SYN ******S*
[...]
Sep 2 08:13:18 24.45.180.116:3860 -> xxx.yyy.255.246:1433 SYN ******S*
Sep 2 08:13:18 24.45.180.116:3862 -> xxx.yyy.255.247:1433 SYN ******S*
Sep 2 08:13:18 24.45.180.116:3864 -> xxx.yyy.255.248:1433 SYN ******S*
Sep 2 08:13:18 24.45.180.116:3866 -> xxx.yyy.255.249:1433 SYN ******S*
Sep 2 08:13:18 24.45.180.116:3868 -> xxx.yyy.255.250:1433 SYN ******S*
Sep 2 08:13:18 24.45.180.116:3870 -> xxx.yyy.255.251:1433 SYN ******S*
Sep 2 08:13:18 24.45.180.116:3872 -> xxx.yyy.255.252:1433 SYN ******S*
Sep 2 08:13:18 24.45.180.116:3874 -> xxx.yyy.255.253:1433 SYN ******S*
Sep 2 08:13:18 24.45.180.116:3876 -> xxx.yyy.255.254:1433 SYN ******S*
38656
Sep 2 09:34:58 217.174.196.252:2582 -> xxx.yyy.1.0:1433 SYN ******S*
Sep 2 09:34:58 217.174.196.252:2583 -> xxx.yyy.1.1:1433 SYN ******S*
Sep 2 09:35:01 217.174.196.252:2584 -> xxx.yyy.1.2:1433 SYN ******S*
Sep 2 09:34:58 217.174.196.252:2586 -> xxx.yyy.1.4:1433 SYN ******S*
Sep 2 09:34:58 217.174.196.252:2590 -> xxx.yyy.1.8:1433 SYN ******S*
Sep 2 09:34:58 217.174.196.252:2591 -> xxx.yyy.1.9:1433 SYN ******S*
Sep 2 09:34:58 217.174.196.252:2592 -> xxx.yyy.1.10:1433 SYN ******S*
Sep 2 09:34:58 217.174.196.252:2595 -> xxx.yyy.1.13:1433 SYN ******S*
[...]
Sep 2 09:38:13 217.174.196.252:4808 -> xxx.yyy.255.233:1433 SYN ******S*
Sep 2 09:38:13 217.174.196.252:4805 -> xxx.yyy.255.231:1433 SYN ******S*
Sep 2 09:38:13 217.174.196.252:4802 -> xxx.yyy.255.228:1433 SYN ******S*
Sep 2 09:38:13 217.174.196.252:4798 -> xxx.yyy.255.224:1433 SYN ******S*
Sep 2 09:38:13 217.174.196.252:4801 -> xxx.yyy.255.227:1433 SYN ******S*
Sep 2 09:38:13 217.174.196.252:4812 -> xxx.yyy.255.237:1433 SYN ******S*
Sep 2 09:38:13 217.174.196.252:4799 -> xxx.yyy.255.225:1433 SYN ******S*
Sep 2 09:38:13 217.174.196.252:4803 -> xxx.yyy.255.229:1433 SYN ******S*
Sep 2 09:38:13 217.174.196.252:4816 -> xxx.yyy.255.241:1433 SYN ******S*
35737
Sep 2 03:11:28 195.136.135.41:3354 -> xxx.yyy.1.0:1433 SYN ******S*
Sep 2 03:11:28 195.136.135.41:3357 -> xxx.yyy.1.1:1433 SYN ******S*
Sep 2 03:11:28 195.136.135.41:3360 -> xxx.yyy.1.2:1433 SYN ******S*
Sep 2 03:11:28 195.136.135.41:3363 -> xxx.yyy.1.3:1433 SYN ******S*
Sep 2 03:11:28 195.136.135.41:3366 -> xxx.yyy.1.4:1433 SYN ******S*
Sep 2 03:11:28 195.136.135.41:3372 -> xxx.yyy.1.6:1433 SYN ******S*
Sep 2 03:11:28 195.136.135.41:3375 -> xxx.yyy.1.7:1433 SYN ******S*
Sep 2 03:11:28 195.136.135.41:3378 -> xxx.yyy.1.8:1433 SYN ******S*
[...]
Sep 2 05:08:24 195.136.135.41:2381 -> xxx.yyy.131.116:1433 SYN ******S*
Sep 2 05:08:24 195.136.135.41:2384 -> xxx.yyy.131.117:1433 SYN ******S*
Sep 2 05:08:24 195.136.135.41:2388 -> xxx.yyy.131.118:1433 SYN ******S*
Sep 2 05:08:25 195.136.135.41:2399 -> xxx.yyy.131.120:1433 SYN ******S*
Sep 2 05:08:25 195.136.135.41:2327 -> xxx.yyy.131.97:1433 SYN ******S*
Sep 2 05:08:25 195.136.135.41:2400 -> xxx.yyy.131.121:1433 SYN ******S*
Sep 2 05:08:25 195.136.135.41:2330 -> xxx.yyy.131.98:1433 SYN ******S*
Sep 2 05:08:25 195.136.135.41:2405 -> xxx.yyy.131.122:1433 SYN ******S*
35654
Sep 2 01:36:39 211.219.58.60:4229 -> xxx.yyy.1.1:4899 SYN ******S*
Sep 2 01:36:38 211.219.58.60:4232 -> xxx.yyy.1.2:4899 SYN ******S*
Sep 2 01:36:38 211.219.58.60:4233 -> xxx.yyy.1.3:4899 SYN ******S*
Sep 2 01:36:37 211.219.58.60:4234 -> xxx.yyy.1.4:4899 SYN ******S*
Sep 2 01:36:37 211.219.58.60:4236 -> xxx.yyy.1.5:4899 SYN ******S*
Sep 2 01:36:37 211.219.58.60:4241 -> xxx.yyy.1.7:4899 SYN ******S*
Sep 2 01:36:37 211.219.58.60:4238 -> xxx.yyy.1.6:4899 SYN ******S*
Sep 2 01:36:37 211.219.58.60:4264 -> xxx.yyy.1.12:4899 SYN ******S*
[...]
Sep 2 01:40:56 211.219.58.60:3188 -> xxx.yyy.255.233:4899 SYN ******S*
Sep 2 01:40:56 211.219.58.60:3189 -> xxx.yyy.255.234:4899 SYN ******S*
Sep 2 01:40:56 211.219.58.60:3191 -> xxx.yyy.255.236:4899 SYN ******S*
Sep 2 01:40:56 211.219.58.60:3192 -> xxx.yyy.255.237:4899 SYN ******S*
Sep 2 01:40:56 211.219.58.60:3199 -> xxx.yyy.255.244:4899 SYN ******S*
Sep 2 01:40:56 211.219.58.60:3201 -> xxx.yyy.255.246:4899 SYN ******S*
Sep 2 01:40:56 211.219.58.60:3202 -> xxx.yyy.255.247:4899 SYN ******S*
Sep 2 01:40:56 211.219.58.60:3200 -> xxx.yyy.255.245:4899 SYN ******S*
Sep 2 01:40:56 211.219.58.60:3208 -> xxx.yyy.255.253:4899 SYN ******S*
33660
[...]
30475
Sep 2 13:33:37 217.127.40.220:3447 -> xxx.yyy.1.4:1433 SYN ******S*
Sep 2 13:33:37 217.127.40.220:3449 -> xxx.yyy.1.6:1433 SYN ******S*
Sep 2 13:33:37 217.127.40.220:3450 -> xxx.yyy.1.7:1433 SYN ******S*
Sep 2 13:33:37 217.127.40.220:3451 -> xxx.yyy.1.8:1433 SYN ******S*
Sep 2 13:33:37 217.127.40.220:3452 -> xxx.yyy.1.9:1433 SYN ******S*
Sep 2 13:33:37 217.127.40.220:3453 -> xxx.yyy.1.10:1433 SYN ******S*
Sep 2 13:33:37 217.127.40.220:3456 -> xxx.yyy.1.13:1433 SYN ******S*
Sep 2 13:33:37 217.127.40.220:3459 -> xxx.yyy.1.16:1433 SYN ******S*
[...]
Sep 2 13:44:33 217.127.40.220:3879 -> xxx.yyy.255.218:1433 SYN ******S*
Sep 2 13:44:33 217.127.40.220:3892 -> xxx.yyy.255.231:1433 SYN ******S*
Sep 2 13:44:34 217.127.40.220:3887 -> xxx.yyy.255.226:1433 SYN ******S*
Sep 2 13:44:34 217.127.40.220:3888 -> xxx.yyy.255.227:1433 SYN ******S*
Sep 2 13:44:34 217.127.40.220:3899 -> xxx.yyy.255.238:1433 SYN ******S*
Sep 2 13:44:34 217.127.40.220:3893 -> xxx.yyy.255.232:1433 SYN ******S*
Sep 2 13:44:34 217.127.40.220:3897 -> xxx.yyy.255.236:1433 SYN ******S*
Sep 2 13:44:34 217.127.40.220:3914 -> xxx.yyy.255.253:1433 SYN ******S*
29683
Sep 2 04:14:34 203.247.253.70:3932 -> xxx.yyy.1.6:3389 SYN ******S*
Sep 2 04:14:34 203.247.253.70:3931 -> xxx.yyy.1.5:3389 SYN ******S*
Sep 2 04:14:34 203.247.253.70:3938 -> xxx.yyy.1.12:3389 SYN ******S*
Sep 2 04:14:34 203.247.253.70:3943 -> xxx.yyy.1.17:3389 SYN ******S*
Sep 2 04:14:34 203.247.253.70:3929 -> xxx.yyy.1.3:3389 SYN ******S*
Sep 2 04:14:34 203.247.253.70:3933 -> xxx.yyy.1.7:3389 SYN ******S*
Sep 2 04:14:34 203.247.253.70:3946 -> xxx.yyy.1.20:3389 SYN ******S*
Sep 2 04:14:34 203.247.253.70:3944 -> xxx.yyy.1.18:3389 SYN ******S*
[...]
Sep 2 04:15:18 203.247.253.70:3969 -> xxx.yyy.255.123:3389 SYN ******S*
Sep 2 04:15:18 203.247.253.70:3958 -> xxx.yyy.255.112:3389 SYN ******S*
Sep 2 04:15:18 203.247.253.70:3959 -> xxx.yyy.255.113:3389 SYN ******S*
Sep 2 04:15:18 203.247.253.70:3945 -> xxx.yyy.255.149:3389 SYN ******S*
Sep 2 04:15:18 203.247.253.70:3949 -> xxx.yyy.255.103:3389 SYN ******S*
Sep 2 04:15:18 203.247.253.70:3965 -> xxx.yyy.255.119:3389 SYN ******S*
Sep 2 04:15:18 203.247.253.70:3951 -> xxx.yyy.255.105:3389 SYN ******S*
Sep 2 04:15:18 203.247.253.70:3966 -> xxx.yyy.255.120:3389 SYN ******S*
29617
Sep 2 00:17:07 220.81.220.59:2934 -> xxx.yyy.1.2:4899 SYN ******S*
Sep 2 00:17:06 220.81.220.59:2933 -> xxx.yyy.1.1:4899 SYN ******S*
Sep 2 00:17:05 220.81.220.59:2939 -> xxx.yyy.1.7:4899 SYN ******S*
Sep 2 00:17:05 220.81.220.59:2942 -> xxx.yyy.1.10:4899 SYN ******S*
Sep 2 00:17:07 220.81.220.59:2943 -> xxx.yyy.1.11:4899 SYN ******S*
Sep 2 00:17:05 220.81.220.59:2938 -> xxx.yyy.1.6:4899 SYN ******S*
Sep 2 00:17:05 220.81.220.59:2947 -> xxx.yyy.1.15:4899 SYN ******S*
Sep 2 00:17:05 220.81.220.59:2944 -> xxx.yyy.1.12:4899 SYN ******S*
[...]
Sep 2 00:19:54 220.81.220.59:2434 -> xxx.yyy.252.76:4899 SYN ******S*
Sep 2 00:19:54 220.81.220.59:2441 -> xxx.yyy.252.83:4899 SYN ******S*
Sep 2 00:19:56 220.81.220.59:3221 -> xxx.yyy.255.69:4899 SYN ******S*
Sep 2 00:19:56 220.81.220.59:3216 -> xxx.yyy.255.66:4899 SYN ******S*
Sep 2 00:19:56 220.81.220.59:3229 -> xxx.yyy.255.77:4899 SYN ******S*
Sep 2 00:19:56 220.81.220.59:3222 -> xxx.yyy.255.70:4899 SYN ******S*
Sep 2 00:19:56 220.81.220.59:3230 -> xxx.yyy.255.78:4899 SYN ******S*
Sep 2 00:19:56 220.81.220.59:3262 -> xxx.yyy.255.100:4899 SYN ******S*
Sep 2 00:19:56 220.81.220.59:3231 -> xxx.yyy.255.79:4899 SYN ******S*
27950
[...]
17588
Sep 2 00:13:56 65.54.188.52:47144 -> xxx.yyy.241.255:80 SYN ******S*
Sep 2 00:13:56 65.54.188.52:47228 -> xxx.yyy.241.179:80 SYN ******S*
Sep 2 00:13:55 65.54.188.52:46540 -> xxx.yyy.243.44:80 SYN ******S*
Sep 2 00:13:51 65.54.188.52:45470 -> xxx.yyy.233.181:80 SYN ******S*
Sep 2 00:13:55 65.54.188.52:46746 -> xxx.yyy.241.30:80 SYN ******S*
Sep 2 00:13:55 65.54.188.52:46871 -> xxx.yyy.241.29:80 SYN ******S*
Sep 2 00:13:56 65.54.188.52:46930 -> xxx.yyy.1.13:80 SYN ******S*
Sep 2 00:13:56 65.54.188.52:47189 -> xxx.yyy.1.60:80 SYN ******S*
[...]
Sep 2 23:29:51 65.54.188.52:27005 -> xxx.yyy.241.179:80 SYN ******S*
Sep 2 23:29:51 65.54.188.52:27087 -> xxx.yyy.248.4:80 SYN ******S*
Sep 2 23:29:52 65.54.188.52:27227 -> xxx.yyy.241.29:80 SYN ******S*
Sep 2 23:29:56 65.54.188.52:27250 -> xxx.yyy.212.75:80 SYN ******S*
Sep 2 23:30:50 65.54.188.52:31594 -> xxx.yyy.241.179:80 SYN ******S*
Sep 2 23:30:49 65.54.188.52:31305 -> xxx.yyy.241.255:80 SYN ******S*
Sep 2 23:30:45 65.54.188.52:27963 -> xxx.yyy.248.180:80 SYN ******S*
Sep 2 23:30:46 65.54.188.52:30387 -> xxx.yyy.208.6:80 SYN ******S*
Sep 2 23:30:48 65.54.188.52:30782 -> xxx.yyy.14.23:80 SYN ******S*
12468
Sep 2 13:37:22 82.41.186.130:4302 -> xxx.yyy.1.0:1433 SYN ******S*
Sep 2 13:37:22 82.41.186.130:4312 -> xxx.yyy.1.5:1433 SYN ******S*
Sep 2 13:37:22 82.41.186.130:4313 -> xxx.yyy.1.6:1433 SYN ******S*
Sep 2 13:37:22 82.41.186.130:4315 -> xxx.yyy.1.7:1433 SYN ******S*
Sep 2 13:37:22 82.41.186.130:4318 -> xxx.yyy.1.8:1433 SYN ******S*
Sep 2 13:37:22 82.41.186.130:4324 -> xxx.yyy.1.10:1433 SYN ******S*
Sep 2 13:37:19 82.41.186.130:4327 -> xxx.yyy.1.11:1433 SYN ******S*
Sep 2 13:37:19 82.41.186.130:4339 -> xxx.yyy.1.14:1433 SYN ******S*
[...]
Sep 2 14:40:00 82.41.186.130:1915 -> xxx.yyy.70.95:1433 SYN ******S*
Sep 2 14:40:00 82.41.186.130:1924 -> xxx.yyy.70.98:1433 SYN ******S*
Sep 2 14:40:00 82.41.186.130:1922 -> xxx.yyy.70.97:1433 SYN ******S*
Sep 2 14:40:01 82.41.186.130:2116 -> xxx.yyy.70.107:1433 SYN ******S*
Sep 2 14:40:01 82.41.186.130:2119 -> xxx.yyy.70.110:1433 SYN ******S*
Sep 2 14:40:01 82.41.186.130:2120 -> xxx.yyy.70.111:1433 SYN ******S*
Sep 2 14:40:02 82.41.186.130:2122 -> xxx.yyy.70.113:1433 SYN ******S*
Sep 2 14:40:02 82.41.186.130:2123 -> xxx.yyy.70.114:1433 SYN ******S*
6775
Sep 2 10:12:09 82.42.129.232:22002 -> xxx.yyy.1.0:3127 SYN ******S*
Sep 2 10:12:10 82.42.129.232:22002 -> xxx.yyy.1.2:3128 SYN ******S*
Sep 2 10:12:10 82.42.129.232:22002 -> xxx.yyy.1.3:1080 SYN ******S*
Sep 2 10:12:10 82.42.129.232:22002 -> xxx.yyy.1.3:10080 SYN ******S*
Sep 2 10:12:10 82.42.129.232:22002 -> xxx.yyy.1.4:3127 SYN ******S*
Sep 2 10:12:10 82.42.129.232:22002 -> xxx.yyy.1.4:10080 SYN ******S*
Sep 2 10:12:11 82.42.129.232:22002 -> xxx.yyy.1.4:3128 SYN ******S*
Sep 2 10:12:11 82.42.129.232:22002 -> xxx.yyy.1.5:3127 SYN ******S*
[...]
Sep 2 11:12:26 82.42.129.232:22002 -> xxx.yyy.33.251:10080 SYN ******S*
Sep 2 11:12:26 82.42.129.232:22002 -> xxx.yyy.33.252:10080 SYN ******S*
Sep 2 11:12:26 82.42.129.232:22002 -> xxx.yyy.33.252:3128 SYN ******S*
Sep 2 11:12:27 82.42.129.232:22002 -> xxx.yyy.33.253:1080 SYN ******S*
Sep 2 11:12:27 82.42.129.232:22002 -> xxx.yyy.33.253:10080 SYN ******S*
Sep 2 11:12:27 82.42.129.232:22002 -> xxx.yyy.33.254:1080 SYN ******S*
Sep 2 11:12:27 82.42.129.232:22002 -> xxx.yyy.33.254:3128 SYN ******S*
Sep 2 11:12:27 82.42.129.232:22002 -> xxx.yyy.33.255:1080 SYN ******S*
6710
Sep 2 23:57:04 221.153.4.232:2087 -> xxx.yyy.72.124:5554 SYN ******S*
Sep 2 23:57:07 221.153.4.232:2809 -> xxx.yyy.72.124:9898 SYN ******S*
Sep 2 23:57:04 221.153.4.232:2088 -> xxx.yyy.72.125:5554 SYN ******S*
Sep 2 23:57:04 221.153.4.232:2090 -> xxx.yyy.72.127:5554 SYN ******S*
Sep 2 23:57:05 221.153.4.232:2393 -> xxx.yyy.72.127:1023 SYN ******S*
Sep 2 23:57:04 221.153.4.232:2093 -> xxx.yyy.72.130:5554 SYN ******S*
Sep 2 23:57:05 221.153.4.232:2396 -> xxx.yyy.72.130:1023 SYN ******S*
Sep 2 23:57:07 221.153.4.232:2815 -> xxx.yyy.72.130:9898 SYN ******S*
[...]
Sep 2 23:58:30 221.153.4.232:3347 -> xxx.yyy.92.221:9898 SYN ******S*
Sep 2 23:58:30 221.153.4.232:3349 -> xxx.yyy.92.223:9898 SYN ******S*
Sep 2 23:58:30 221.153.4.232:3348 -> xxx.yyy.92.222:9898 SYN ******S*
Sep 2 23:58:30 221.153.4.232:3332 -> xxx.yyy.92.206:9898 SYN ******S*
Sep 2 23:58:30 221.153.4.232:3333 -> xxx.yyy.92.207:9898 SYN ******S*
Sep 2 23:58:30 221.153.4.232:3334 -> xxx.yyy.92.208:9898 SYN ******S*
Sep 2 23:58:30 221.153.4.232:3360 -> xxx.yyy.92.226:9898 SYN ******S*
Sep 2 23:58:30 221.153.4.232:3364 -> xxx.yyy.92.230:9898 SYN ******S*
6554
Sep 2 23:56:12 220.127.132.118:1248 -> xxx.yyy.153.154:5554 SYN ******S*
Sep 2 23:56:13 220.127.132.118:1711 -> xxx.yyy.153.154:1023 SYN ******S*
Sep 2 23:56:11 220.127.132.118:1247 -> xxx.yyy.153.155:5554 SYN ******S*
Sep 2 23:56:12 220.127.132.118:1710 -> xxx.yyy.153.155:1023 SYN ******S*
Sep 2 23:56:14 220.127.132.118:2629 -> xxx.yyy.153.155:9898 SYN ******S*
Sep 2 23:56:11 220.127.132.118:1251 -> xxx.yyy.153.151:5554 SYN ******S*
Sep 2 23:56:11 220.127.132.118:1250 -> xxx.yyy.153.152:5554 SYN ******S*
Sep 2 23:56:12 220.127.132.118:1253 -> xxx.yyy.153.148:5554 SYN ******S*
[...]
Sep 2 23:56:58 220.127.132.118:1342 -> xxx.yyy.173.129:9898 SYN ******S*
Sep 2 23:56:58 220.127.132.118:1357 -> xxx.yyy.173.130:9898 SYN ******S*
Sep 2 23:56:58 220.127.132.118:1359 -> xxx.yyy.173.132:9898 SYN ******S*
Sep 2 23:56:58 220.127.132.118:1417 -> xxx.yyy.173.134:9898 SYN ******S*
Sep 2 23:56:58 220.127.132.118:1486 -> xxx.yyy.173.146:9898 SYN ******S*
Sep 2 23:56:58 220.127.132.118:1490 -> xxx.yyy.173.150:9898 SYN ******S*
Sep 2 23:56:58 220.127.132.118:1658 -> xxx.yyy.173.165:9898 SYN ******S*
Sep 2 23:56:58 220.127.132.118:1666 -> xxx.yyy.173.168:9898 SYN ******S*
Sep 2 23:56:58 220.127.132.118:1739 -> xxx.yyy.173.216:9898 SYN ******S*
6322
Sep 2 23:56:37 220.77.169.120:1333 -> xxx.yyy.195.97:5554 SYN ******S*
Sep 2 23:56:38 220.77.169.120:2563 -> xxx.yyy.195.97:1023 SYN ******S*
Sep 2 23:56:40 220.77.169.120:1864 -> xxx.yyy.195.97:9898 SYN ******S*
Sep 2 23:56:37 220.77.169.120:1339 -> xxx.yyy.195.99:5554 SYN ******S*
Sep 2 23:56:38 220.77.169.120:2570 -> xxx.yyy.195.99:1023 SYN ******S*
Sep 2 23:56:40 220.77.169.120:1871 -> xxx.yyy.195.99:9898 SYN ******S*
Sep 2 23:56:37 220.77.169.120:1245 -> xxx.yyy.195.89:5554 SYN ******S*
Sep 2 23:56:40 220.77.169.120:1836 -> xxx.yyy.195.89:9898 SYN ******S*
[...]
Sep 2 23:58:18 220.77.169.120:4599 -> xxx.yyy.215.156:9898 SYN ******S*
Sep 2 23:58:18 220.77.169.120:4592 -> xxx.yyy.215.151:9898 SYN ******S*
Sep 2 23:58:18 220.77.169.120:4594 -> xxx.yyy.215.152:9898 SYN ******S*
Sep 2 23:58:18 220.77.169.120:4597 -> xxx.yyy.215.153:9898 SYN ******S*
Sep 2 23:58:18 220.77.169.120:4702 -> xxx.yyy.215.179:9898 SYN ******S*
Sep 2 23:58:18 220.77.169.120:4735 -> xxx.yyy.215.162:9898 SYN ******S*
Sep 2 23:58:18 220.77.169.120:4736 -> xxx.yyy.215.163:9898 SYN ******S*
Sep 2 23:58:19 220.77.169.120:1879 -> xxx.yyy.215.192:9898 SYN ******S*
6278
Sep 2 23:56:15 220.87.38.54:2560 -> xxx.yyy.174.65:5554 SYN ******S*
Sep 2 23:56:15 220.87.38.54:2568 -> xxx.yyy.174.55:5554 SYN ******S*
Sep 2 23:56:16 220.87.38.54:3042 -> xxx.yyy.174.55:1023 SYN ******S*
Sep 2 23:56:18 220.87.38.54:1107 -> xxx.yyy.174.55:9898 SYN ******S*
Sep 2 23:56:15 220.87.38.54:2571 -> xxx.yyy.174.52:5554 SYN ******S*
Sep 2 23:56:16 220.87.38.54:3045 -> xxx.yyy.174.52:1023 SYN ******S*
Sep 2 23:56:15 220.87.38.54:2559 -> xxx.yyy.174.67:5554 SYN ******S*
Sep 2 23:56:16 220.87.38.54:3029 -> xxx.yyy.174.67:1023 SYN ******S*
[...]
Sep 2 23:57:09 220.87.38.54:1214 -> xxx.yyy.194.47:9898 SYN ******S*
Sep 2 23:57:09 220.87.38.54:1225 -> xxx.yyy.194.75:9898 SYN ******S*
Sep 2 23:57:09 220.87.38.54:1232 -> xxx.yyy.194.108:9898 SYN ******S*
Sep 2 23:57:09 220.87.38.54:1226 -> xxx.yyy.194.76:9898 SYN ******S*
Sep 2 23:57:09 220.87.38.54:1241 -> xxx.yyy.194.97:9898 SYN ******S*
Sep 2 23:57:09 220.87.38.54:1243 -> xxx.yyy.194.24:9898 SYN ******S*
Sep 2 23:57:09 220.87.38.54:1311 -> xxx.yyy.194.48:9898 SYN ******S*
Sep 2 23:57:09 220.87.38.54:1319 -> xxx.yyy.194.110:9898 SYN ******S*
6051
Sep 2 01:00:28 221.199.162.105:1500 -> xxx.yyy.215.217:5554 SYN ******S*
Sep 2 01:00:28 221.199.162.105:1507 -> xxx.yyy.215.221:5554 SYN ******S*
Sep 2 01:00:28 221.199.162.105:1516 -> xxx.yyy.215.228:5554 SYN ******S*
Sep 2 01:00:29 221.199.162.105:2311 -> xxx.yyy.215.228:1023 SYN ******S*
Sep 2 01:00:31 221.199.162.105:4495 -> xxx.yyy.215.228:9898 SYN ******S*
Sep 2 01:00:28 221.199.162.105:1519 -> xxx.yyy.215.230:5554 SYN ******S*
Sep 2 01:00:28 221.199.162.105:1521 -> xxx.yyy.215.232:5554 SYN ******S*
Sep 2 01:00:29 221.199.162.105:2320 -> xxx.yyy.215.232:1023 SYN ******S*
[...]
Sep 2 01:01:11 221.199.162.105:1052 -> xxx.yyy.235.190:9898 SYN ******S*
Sep 2 01:01:11 221.199.162.105:1171 -> xxx.yyy.235.242:9898 SYN ******S*
Sep 2 01:01:11 221.199.162.105:1197 -> xxx.yyy.235.249:9898 SYN ******S*
Sep 2 01:01:11 221.199.162.105:1224 -> xxx.yyy.236.0:9898 SYN ******S*
Sep 2 01:01:11 221.199.162.105:1427 -> xxx.yyy.236.28:9898 SYN ******S*
Sep 2 01:01:11 221.199.162.105:1488 -> xxx.yyy.236.56:9898 SYN ******S*
Sep 2 01:01:11 221.199.162.105:1499 -> xxx.yyy.236.62:9898 SYN ******S*
Sep 2 01:01:11 221.199.162.105:1544 -> xxx.yyy.236.70:9898 SYN ******S*
Sep 2 01:01:11 221.199.162.105:1549 -> xxx.yyy.236.75:9898 SYN ******S*
5805
Sep 2 00:56:25 61.54.39.24:3783 -> xxx.yyy.235.112:1023 SYN ******S*
Sep 2 00:56:27 61.54.39.24:4419 -> xxx.yyy.235.112:9898 SYN ******S*
Sep 2 00:56:25 61.54.39.24:3790 -> xxx.yyy.235.114:1023 SYN ******S*
Sep 2 00:56:25 61.54.39.24:3784 -> xxx.yyy.235.115:1023 SYN ******S*
Sep 2 00:56:25 61.54.39.24:3810 -> xxx.yyy.235.119:1023 SYN ******S*
Sep 2 00:56:25 61.54.39.24:3815 -> xxx.yyy.235.125:1023 SYN ******S*
Sep 2 00:56:25 61.54.39.24:3816 -> xxx.yyy.235.126:1023 SYN ******S*
Sep 2 00:56:25 61.54.39.24:3826 -> xxx.yyy.235.122:1023 SYN ******S*
[...]
Sep 2 00:58:51 61.54.39.24:2890 -> xxx.yyy.255.228:9898 SYN ******S*
Sep 2 00:58:51 61.54.39.24:2868 -> xxx.yyy.255.219:9898 SYN ******S*
Sep 2 00:58:51 61.54.39.24:2865 -> xxx.yyy.255.216:9898 SYN ******S*
Sep 2 00:58:51 61.54.39.24:2875 -> xxx.yyy.255.221:9898 SYN ******S*
Sep 2 00:58:51 61.54.39.24:2880 -> xxx.yyy.255.225:9898 SYN ******S*
Sep 2 00:58:51 61.54.39.24:2881 -> xxx.yyy.255.218:9898 SYN ******S*
Sep 2 00:58:52 61.54.39.24:2906 -> xxx.yyy.255.230:9898 SYN ******S*
Sep 2 00:58:52 61.54.39.24:3009 -> xxx.yyy.255.232:9898 SYN ******S*
Sep 2 00:58:52 61.54.39.24:3017 -> xxx.yyy.255.233:9898 SYN ******S*
5509
--
- Ken
===========================================================================
Ken Connelly (KC152) Systems and Operations Manager, ITS - Network Services
University of Northern Iowa Cedar Falls, IA 50614-0121
email: Ken.Connelly at uni.edu phone: (319) 273-5850 fax: (319) 273-7373
More information about the Intrusions
mailing list