[Intrusions] [LOGS] Summary of large-scale portscanning detects
Ken.Connelly at uni.edu
Ken.Connelly at uni.edu
Sat Sep 4 14:38:00 GMT 2004
The following extracts show the beginning and ending of scan activity
was detected on my network. The number following each set is the total
number of probes for that source. Timestamps are GMT-0500.
Sep 3 04:25:05 211.148.212.185:3355 -> xxx.yyy.1.0:1433 SYN ******S*
Sep 3 04:25:05 211.148.212.185:3356 -> xxx.yyy.1.1:1433 SYN ******S*
Sep 3 04:25:06 211.148.212.185:3357 -> xxx.yyy.1.2:1433 SYN ******S*
Sep 3 04:25:06 211.148.212.185:3358 -> xxx.yyy.1.3:1433 SYN ******S*
Sep 3 04:25:06 211.148.212.185:3359 -> xxx.yyy.1.4:1433 SYN ******S*
Sep 3 04:25:06 211.148.212.185:3360 -> xxx.yyy.1.5:1433 SYN ******S*
Sep 3 04:25:06 211.148.212.185:3361 -> xxx.yyy.1.6:1433 SYN ******S*
Sep 3 04:25:06 211.148.212.185:3365 -> xxx.yyy.1.8:1433 SYN ******S*
[...]
Sep 3 08:13:47 211.148.212.185:3188 -> xxx.yyy.255.245:1433 SYN ******S*
Sep 3 08:13:47 211.148.212.185:3182 -> xxx.yyy.255.240:1433 SYN ******S*
Sep 3 08:13:48 211.148.212.185:3194 -> xxx.yyy.255.249:1433 SYN ******S*
Sep 3 08:13:48 211.148.212.185:3193 -> xxx.yyy.255.248:1433 SYN ******S*
Sep 3 08:13:48 211.148.212.185:3192 -> xxx.yyy.255.247:1433 SYN ******S*
Sep 3 08:13:48 211.148.212.185:3196 -> xxx.yyy.255.251:1433 SYN ******S*
Sep 3 08:13:48 211.148.212.185:3195 -> xxx.yyy.255.250:1433 SYN ******S*
Sep 3 08:13:48 211.148.212.185:3201 -> xxx.yyy.255.253:1433 SYN ******S*
Sep 3 08:13:48 211.148.212.185:3200 -> xxx.yyy.255.252:1433 SYN ******S*
123612
Sep 3 03:55:12 200.155.37.167:4674 -> xxx.yyy.1.0:1433 SYN ******S*
Sep 3 03:55:12 200.155.37.167:4675 -> xxx.yyy.1.1:1433 SYN ******S*
Sep 3 03:55:12 200.155.37.167:4677 -> xxx.yyy.1.2:1433 SYN ******S*
Sep 3 03:55:12 200.155.37.167:4678 -> xxx.yyy.1.3:1433 SYN ******S*
Sep 3 03:55:12 200.155.37.167:4679 -> xxx.yyy.1.4:1433 SYN ******S*
Sep 3 03:55:12 200.155.37.167:4680 -> xxx.yyy.1.5:1433 SYN ******S*
Sep 3 03:55:12 200.155.37.167:4682 -> xxx.yyy.1.6:1433 SYN ******S*
Sep 3 03:55:12 200.155.37.167:4683 -> xxx.yyy.1.7:1433 SYN ******S*
[...]
Sep 3 07:43:57 200.155.37.167:3996 -> xxx.yyy.255.247:1433 SYN ******S*
Sep 3 07:43:57 200.155.37.167:3999 -> xxx.yyy.255.248:1433 SYN ******S*
Sep 3 07:43:57 200.155.37.167:4000 -> xxx.yyy.255.249:1433 SYN ******S*
Sep 3 07:43:57 200.155.37.167:4001 -> xxx.yyy.255.250:1433 SYN ******S*
Sep 3 07:43:57 200.155.37.167:4005 -> xxx.yyy.255.251:1433 SYN ******S*
Sep 3 07:43:57 200.155.37.167:4007 -> xxx.yyy.255.252:1433 SYN ******S*
Sep 3 07:43:57 200.155.37.167:4010 -> xxx.yyy.255.253:1433 SYN ******S*
Sep 3 07:43:58 200.155.37.167:4012 -> xxx.yyy.255.254:1433 SYN ******S*
120710
Sep 3 18:54:39 80.230.41.237:3251 -> xxx.yyy.1.0:1433 SYN ******S*
Sep 3 18:54:39 80.230.41.237:3252 -> xxx.yyy.1.1:1433 SYN ******S*
Sep 3 18:54:39 80.230.41.237:3253 -> xxx.yyy.1.2:1433 SYN ******S*
Sep 3 18:54:36 80.230.41.237:3254 -> xxx.yyy.1.3:1433 SYN ******S*
Sep 3 18:54:39 80.230.41.237:3255 -> xxx.yyy.1.4:1433 SYN ******S*
Sep 3 18:54:39 80.230.41.237:3257 -> xxx.yyy.1.6:1433 SYN ******S*
Sep 3 18:54:39 80.230.41.237:3258 -> xxx.yyy.1.7:1433 SYN ******S*
Sep 3 18:54:39 80.230.41.237:3259 -> xxx.yyy.1.8:1433 SYN ******S*
[...]
Sep 3 22:48:34 80.230.41.237:3369 -> xxx.yyy.255.243:1433 SYN ******S*
Sep 3 22:48:34 80.230.41.237:3372 -> xxx.yyy.255.246:1433 SYN ******S*
Sep 3 22:48:34 80.230.41.237:3370 -> xxx.yyy.255.244:1433 SYN ******S*
Sep 3 22:48:34 80.230.41.237:3371 -> xxx.yyy.255.245:1433 SYN ******S*
Sep 3 22:48:35 80.230.41.237:3401 -> xxx.yyy.255.252:1433 SYN ******S*
Sep 3 22:48:35 80.230.41.237:3400 -> xxx.yyy.255.251:1433 SYN ******S*
Sep 3 22:48:35 80.230.41.237:3399 -> xxx.yyy.255.250:1433 SYN ******S*
Sep 3 22:48:36 80.230.41.237:3402 -> xxx.yyy.255.253:1433 SYN ******S*
Sep 3 22:48:36 80.230.41.237:3405 -> xxx.yyy.255.254:1433 SYN ******S*
115198
Sep 3 01:48:39 24.225.254.82:4522 -> xxx.yyy.1.0:139 SYN ******S*
Sep 3 01:48:40 24.225.254.82:4523 -> xxx.yyy.1.1:139 SYN ******S*
Sep 3 01:48:37 24.225.254.82:4525 -> xxx.yyy.1.3:139 SYN ******S*
Sep 3 01:48:37 24.225.254.82:4526 -> xxx.yyy.1.4:139 SYN ******S*
Sep 3 01:48:40 24.225.254.82:4527 -> xxx.yyy.1.5:139 SYN ******S*
Sep 3 01:48:40 24.225.254.82:4528 -> xxx.yyy.1.6:139 SYN ******S*
Sep 3 01:48:40 24.225.254.82:4530 -> xxx.yyy.1.8:139 SYN ******S*
Sep 3 01:48:37 24.225.254.82:4531 -> xxx.yyy.1.9:139 SYN ******S*
[...]
Sep 3 02:30:30 24.225.254.82:2156 -> xxx.yyy.255.246:139 SYN ******S*
Sep 3 02:30:30 24.225.254.82:2157 -> xxx.yyy.255.247:139 SYN ******S*
Sep 3 02:30:30 24.225.254.82:2159 -> xxx.yyy.255.249:139 SYN ******S*
Sep 3 02:30:30 24.225.254.82:2160 -> xxx.yyy.255.250:139 SYN ******S*
Sep 3 02:30:30 24.225.254.82:2162 -> xxx.yyy.255.251:139 SYN ******S*
Sep 3 02:30:30 24.225.254.82:2166 -> xxx.yyy.255.254:139 SYN ******S*
Sep 3 02:30:30 24.225.254.82:2164 -> xxx.yyy.255.252:139 SYN ******S*
Sep 3 02:30:30 24.225.254.82:2165 -> xxx.yyy.255.253:139 SYN ******S*
91369
Sep 3 02:12:36 82.36.152.149:1965 -> xxx.yyy.1.0:1433 SYN ******S*
Sep 3 02:12:36 82.36.152.149:1969 -> xxx.yyy.1.1:1433 SYN ******S*
Sep 3 02:12:36 82.36.152.149:1971 -> xxx.yyy.1.2:1433 SYN ******S*
Sep 3 02:12:36 82.36.152.149:1974 -> xxx.yyy.1.3:1433 SYN ******S*
Sep 3 02:12:36 82.36.152.149:1978 -> xxx.yyy.1.4:1433 SYN ******S*
Sep 3 02:12:36 82.36.152.149:1980 -> xxx.yyy.1.5:1433 SYN ******S*
Sep 3 02:12:36 82.36.152.149:1983 -> xxx.yyy.1.6:1433 SYN ******S*
Sep 3 02:12:36 82.36.152.149:1987 -> xxx.yyy.1.7:1433 SYN ******S*
[...]
Sep 3 05:11:09 82.36.152.149:1957 -> xxx.yyy.200.19:1433 SYN ******S*
Sep 3 05:11:09 82.36.152.149:1963 -> xxx.yyy.200.20:1433 SYN ******S*
Sep 3 05:11:09 82.36.152.149:2103 -> xxx.yyy.200.34:1433 SYN ******S*
Sep 3 05:11:09 82.36.152.149:2107 -> xxx.yyy.200.35:1433 SYN ******S*
Sep 3 05:11:09 82.36.152.149:2113 -> xxx.yyy.200.36:1433 SYN ******S*
Sep 3 05:11:09 82.36.152.149:1982 -> xxx.yyy.200.21:1433 SYN ******S*
Sep 3 05:11:09 82.36.152.149:2118 -> xxx.yyy.200.37:1433 SYN ******S*
Sep 3 05:11:09 82.36.152.149:2119 -> xxx.yyy.200.38:1433 SYN ******S*
Sep 3 05:11:10 82.36.152.149:2124 -> xxx.yyy.200.39:1433 SYN ******S*
82657
Sep 3 06:56:15 208.34.239.6:4054 -> xxx.yyy.1.1:139 SYN ******S*
Sep 3 06:56:15 208.34.239.6:4055 -> xxx.yyy.1.2:139 SYN ******S*
Sep 3 06:56:15 208.34.239.6:4056 -> xxx.yyy.1.3:139 SYN ******S*
Sep 3 06:56:15 208.34.239.6:4057 -> xxx.yyy.1.4:139 SYN ******S*
Sep 3 06:56:12 208.34.239.6:4058 -> xxx.yyy.1.5:139 SYN ******S*
Sep 3 06:56:12 208.34.239.6:4059 -> xxx.yyy.1.6:139 SYN ******S*
Sep 3 06:56:15 208.34.239.6:4060 -> xxx.yyy.1.7:139 SYN ******S*
Sep 3 06:56:15 208.34.239.6:4061 -> xxx.yyy.1.8:139 SYN ******S*
[...]
Sep 3 07:07:53 208.34.239.6:3059 -> xxx.yyy.255.238:139 SYN ******S*
Sep 3 07:07:53 208.34.239.6:3070 -> xxx.yyy.255.249:139 SYN ******S*
Sep 3 07:07:53 208.34.239.6:3073 -> xxx.yyy.255.252:139 SYN ******S*
Sep 3 07:07:53 208.34.239.6:3067 -> xxx.yyy.255.246:139 SYN ******S*
Sep 3 07:07:53 208.34.239.6:3074 -> xxx.yyy.255.253:139 SYN ******S*
Sep 3 07:07:53 208.34.239.6:3071 -> xxx.yyy.255.250:139 SYN ******S*
Sep 3 07:07:53 208.34.239.6:3068 -> xxx.yyy.255.247:139 SYN ******S*
Sep 3 07:07:53 208.34.239.6:3072 -> xxx.yyy.255.251:139 SYN ******S*
Sep 3 07:07:53 208.34.239.6:3069 -> xxx.yyy.255.248:139 SYN ******S*
69560
Sep 3 03:38:49 216.253.177.144:2210 -> xxx.yyy.1.1:1433 SYN ******S*
Sep 3 03:38:49 216.253.177.144:2214 -> xxx.yyy.1.2:1433 SYN ******S*
Sep 3 03:38:49 216.253.177.144:2216 -> xxx.yyy.1.3:1433 SYN ******S*
Sep 3 03:38:49 216.253.177.144:2220 -> xxx.yyy.1.4:1433 SYN ******S*
Sep 3 03:38:49 216.253.177.144:2222 -> xxx.yyy.1.5:1433 SYN ******S*
Sep 3 03:38:49 216.253.177.144:2224 -> xxx.yyy.1.6:1433 SYN ******S*
Sep 3 03:38:49 216.253.177.144:2226 -> xxx.yyy.1.7:1433 SYN ******S*
Sep 3 03:38:46 216.253.177.144:2232 -> xxx.yyy.1.9:1433 SYN ******S*
[...]
Sep 3 03:50:43 216.253.177.144:3690 -> xxx.yyy.255.250:1433 SYN ******S*
Sep 3 03:50:43 216.253.177.144:3676 -> xxx.yyy.255.245:1433 SYN ******S*
Sep 3 03:50:43 216.253.177.144:3684 -> xxx.yyy.255.248:1433 SYN ******S*
Sep 3 03:50:43 216.253.177.144:3678 -> xxx.yyy.255.246:1433 SYN ******S*
Sep 3 03:50:43 216.253.177.144:3692 -> xxx.yyy.255.251:1433 SYN ******S*
Sep 3 03:50:43 216.253.177.144:3686 -> xxx.yyy.255.249:1433 SYN ******S*
Sep 3 03:50:43 216.253.177.144:3694 -> xxx.yyy.255.252:1433 SYN ******S*
Sep 3 03:50:43 216.253.177.144:3682 -> xxx.yyy.255.247:1433 SYN ******S*
Sep 3 03:50:43 216.253.177.144:3704 -> xxx.yyy.255.254:1433 SYN ******S*
69164
Sep 3 07:22:19 195.251.232.4:26844 -> xxx.yyy.1.1:80 SYN ******S*
Sep 3 07:22:19 195.251.232.4:26845 -> xxx.yyy.1.2:80 SYN ******S*
Sep 3 07:22:19 195.251.232.4:26846 -> xxx.yyy.1.3:80 SYN ******S*
Sep 3 07:22:20 195.251.232.4:26847 -> xxx.yyy.1.4:80 SYN ******S*
Sep 3 07:22:20 195.251.232.4:26848 -> xxx.yyy.1.5:80 SYN ******S*
Sep 3 07:22:20 195.251.232.4:26849 -> xxx.yyy.1.6:80 SYN ******S*
Sep 3 07:22:20 195.251.232.4:26850 -> xxx.yyy.1.7:80 SYN ******S*
Sep 3 07:22:20 195.251.232.4:26851 -> xxx.yyy.1.8:80 SYN ******S*
[...]
Sep 3 07:31:55 195.251.232.4:32317 -> xxx.yyy.255.253:80 SYN ******S*
Sep 3 07:31:55 195.251.232.4:32318 -> xxx.yyy.255.254:80 SYN ******S*
Sep 3 07:31:55 195.251.232.4:32181 -> xxx.yyy.255.117:80 SYN ******S*
Sep 3 07:31:55 195.251.232.4:32213 -> xxx.yyy.255.149:80 SYN ******S*
Sep 3 07:31:55 195.251.232.4:32235 -> xxx.yyy.255.171:80 SYN ******S*
Sep 3 07:31:55 195.251.232.4:32236 -> xxx.yyy.255.172:80 SYN ******S*
Sep 3 07:31:55 195.251.232.4:32237 -> xxx.yyy.255.173:80 SYN ******S*
Sep 3 07:31:55 195.251.232.4:32264 -> xxx.yyy.255.200:80 SYN ******S*
67069
Sep 3 20:11:51 217.220.247.92:3532 -> xxx.yyy.1.1:1433 SYN ******S*
Sep 3 20:11:51 217.220.247.92:3533 -> xxx.yyy.1.2:1433 SYN ******S*
Sep 3 20:11:51 217.220.247.92:3534 -> xxx.yyy.1.3:1433 SYN ******S*
Sep 3 20:11:48 217.220.247.92:3535 -> xxx.yyy.1.4:1433 SYN ******S*
Sep 3 20:11:51 217.220.247.92:3536 -> xxx.yyy.1.5:1433 SYN ******S*
Sep 3 20:11:51 217.220.247.92:3537 -> xxx.yyy.1.6:1433 SYN ******S*
Sep 3 20:11:48 217.220.247.92:3538 -> xxx.yyy.1.7:1433 SYN ******S*
Sep 3 20:11:51 217.220.247.92:3539 -> xxx.yyy.1.8:1433 SYN ******S*
[...]
Sep 3 20:23:31 217.220.247.92:3406 -> xxx.yyy.255.198:1433 SYN ******S*
Sep 3 20:23:31 217.220.247.92:3403 -> xxx.yyy.255.195:1433 SYN ******S*
Sep 3 20:23:31 217.220.247.92:3400 -> xxx.yyy.255.192:1433 SYN ******S*
Sep 3 20:23:31 217.220.247.92:3404 -> xxx.yyy.255.196:1433 SYN ******S*
Sep 3 20:23:31 217.220.247.92:3401 -> xxx.yyy.255.193:1433 SYN ******S*
Sep 3 20:23:32 217.220.247.92:3451 -> xxx.yyy.255.243:1433 SYN ******S*
Sep 3 20:23:32 217.220.247.92:3448 -> xxx.yyy.255.240:1433 SYN ******S*
Sep 3 20:23:32 217.220.247.92:3456 -> xxx.yyy.255.248:1433 SYN ******S*
66898
Sep 3 00:27:40 206.45.126.218:2309 -> xxx.yyy.1.1:4899 SYN ******S*
Sep 3 00:27:40 206.45.126.218:2312 -> xxx.yyy.1.4:4899 SYN ******S*
Sep 3 00:27:43 206.45.126.218:2314 -> xxx.yyy.1.6:4899 SYN ******S*
Sep 3 00:27:40 206.45.126.218:2315 -> xxx.yyy.1.7:4899 SYN ******S*
Sep 3 00:27:43 206.45.126.218:2317 -> xxx.yyy.1.9:4899 SYN ******S*
Sep 3 00:27:41 206.45.126.218:2319 -> xxx.yyy.1.11:4899 SYN ******S*
Sep 3 00:27:40 206.45.126.218:2320 -> xxx.yyy.1.12:4899 SYN ******S*
Sep 3 00:27:40 206.45.126.218:2321 -> xxx.yyy.1.13:4899 SYN ******S*
[...]
Sep 3 00:39:29 206.45.126.218:4722 -> xxx.yyy.255.239:4899 SYN ******S*
Sep 3 00:39:29 206.45.126.218:4719 -> xxx.yyy.255.236:4899 SYN ******S*
Sep 3 00:39:29 206.45.126.218:4726 -> xxx.yyy.255.243:4899 SYN ******S*
Sep 3 00:39:29 206.45.126.218:4730 -> xxx.yyy.255.247:4899 SYN ******S*
Sep 3 00:39:29 206.45.126.218:4734 -> xxx.yyy.255.251:4899 SYN ******S*
Sep 3 00:39:29 206.45.126.218:4735 -> xxx.yyy.255.252:4899 SYN ******S*
Sep 3 00:39:29 206.45.126.218:4732 -> xxx.yyy.255.249:4899 SYN ******S*
Sep 3 00:39:29 206.45.126.218:4737 -> xxx.yyy.255.254:4899 SYN ******S*
55456
Sep 3 01:48:15 64.163.34.135:4418 -> xxx.yyy.1.1:8000 SYN ******S*
Sep 3 01:48:15 64.163.34.135:4419 -> xxx.yyy.1.2:8000 SYN ******S*
Sep 3 01:48:15 64.163.34.135:4420 -> xxx.yyy.1.3:8000 SYN ******S*
Sep 3 01:48:14 64.163.34.135:4421 -> xxx.yyy.1.4:8000 SYN ******S*
Sep 3 01:48:14 64.163.34.135:4422 -> xxx.yyy.1.5:8000 SYN ******S*
Sep 3 01:48:17 64.163.34.135:4423 -> xxx.yyy.1.6:8000 SYN ******S*
Sep 3 01:48:14 64.163.34.135:4424 -> xxx.yyy.1.7:8000 SYN ******S*
Sep 3 01:48:14 64.163.34.135:4425 -> xxx.yyy.1.8:8000 SYN ******S*
[...]
Sep 3 01:57:03 64.163.34.135:2033 -> xxx.yyy.255.244:8000 SYN ******S*
Sep 3 01:57:03 64.163.34.135:2017 -> xxx.yyy.255.228:8000 SYN ******S*
Sep 3 01:57:03 64.163.34.135:1992 -> xxx.yyy.255.203:8000 SYN ******S*
Sep 3 01:57:03 64.163.34.135:2005 -> xxx.yyy.255.216:8000 SYN ******S*
Sep 3 01:57:03 64.163.34.135:2002 -> xxx.yyy.255.213:8000 SYN ******S*
Sep 3 01:57:03 64.163.34.135:2034 -> xxx.yyy.255.245:8000 SYN ******S*
Sep 3 01:57:03 64.163.34.135:1986 -> xxx.yyy.255.197:8000 SYN ******S*
Sep 3 01:57:03 64.163.34.135:2015 -> xxx.yyy.255.226:8000 SYN ******S*
Sep 3 01:57:03 64.163.34.135:1999 -> xxx.yyy.255.210:8000 SYN ******S*
48947
Sep 3 13:14:48 64.213.140.135:3048 -> xxx.yyy.1.3:143 SYN ******S*
Sep 3 13:14:48 64.213.140.135:3050 -> xxx.yyy.1.4:143 SYN ******S*
Sep 3 13:14:48 64.213.140.135:3052 -> xxx.yyy.1.5:143 SYN ******S*
Sep 3 13:14:48 64.213.140.135:3054 -> xxx.yyy.1.6:143 SYN ******S*
Sep 3 13:14:48 64.213.140.135:3058 -> xxx.yyy.1.8:143 SYN ******S*
Sep 3 13:14:48 64.213.140.135:3066 -> xxx.yyy.1.12:143 SYN ******S*
Sep 3 13:14:51 64.213.140.135:3068 -> xxx.yyy.1.13:143 SYN ******S*
Sep 3 13:14:48 64.213.140.135:3076 -> xxx.yyy.1.17:143 SYN ******S*
[...]
Sep 3 13:26:47 64.213.140.135:2698 -> xxx.yyy.255.207:143 SYN ******S*
Sep 3 13:26:47 64.213.140.135:2703 -> xxx.yyy.255.210:143 SYN ******S*
Sep 3 13:26:48 64.213.140.135:2721 -> xxx.yyy.255.219:143 SYN ******S*
Sep 3 13:26:48 64.213.140.135:2717 -> xxx.yyy.255.217:143 SYN ******S*
Sep 3 13:26:48 64.213.140.135:2713 -> xxx.yyy.255.215:143 SYN ******S*
Sep 3 13:26:48 64.213.140.135:2727 -> xxx.yyy.255.222:143 SYN ******S*
Sep 3 13:26:48 64.213.140.135:2759 -> xxx.yyy.255.238:143 SYN ******S*
Sep 3 13:26:48 64.213.140.135:2749 -> xxx.yyy.255.233:143 SYN ******S*
Sep 3 13:26:48 64.213.140.135:2774 -> xxx.yyy.255.246:143 SYN ******S*
39348
Sep 3 12:04:30 68.15.33.137:4006 -> xxx.yyy.1.1:1433 SYN ******S*
Sep 3 12:04:30 68.15.33.137:4007 -> xxx.yyy.1.2:1433 SYN ******S*
Sep 3 12:04:30 68.15.33.137:4008 -> xxx.yyy.1.3:1433 SYN ******S*
Sep 3 12:04:30 68.15.33.137:4009 -> xxx.yyy.1.4:1433 SYN ******S*
Sep 3 12:04:30 68.15.33.137:4010 -> xxx.yyy.1.5:1433 SYN ******S*
Sep 3 12:04:30 68.15.33.137:4012 -> xxx.yyy.1.7:1433 SYN ******S*
Sep 3 12:04:30 68.15.33.137:4013 -> xxx.yyy.1.8:1433 SYN ******S*
Sep 3 12:04:30 68.15.33.137:4015 -> xxx.yyy.1.10:1433 SYN ******S*
[...]
Sep 3 12:16:15 68.15.33.137:2653 -> xxx.yyy.255.225:1433 SYN ******S*
Sep 3 12:16:15 68.15.33.137:2652 -> xxx.yyy.255.224:1433 SYN ******S*
Sep 3 12:16:15 68.15.33.137:2648 -> xxx.yyy.255.220:1433 SYN ******S*
Sep 3 12:16:15 68.15.33.137:2649 -> xxx.yyy.255.221:1433 SYN ******S*
Sep 3 12:16:15 68.15.33.137:2651 -> xxx.yyy.255.223:1433 SYN ******S*
Sep 3 12:16:15 68.15.33.137:2647 -> xxx.yyy.255.219:1433 SYN ******S*
Sep 3 12:16:15 68.15.33.137:2678 -> xxx.yyy.255.250:1433 SYN ******S*
Sep 3 12:16:15 68.15.33.137:2681 -> xxx.yyy.255.253:1433 SYN ******S*
38290
Sep 3 00:24:13 66.207.244.254:4465 -> xxx.yyy.64.0:17300 SYN ******S*
Sep 3 00:24:13 66.207.244.254:4468 -> xxx.yyy.64.3:17300 SYN ******S*
Sep 3 00:24:13 66.207.244.254:4471 -> xxx.yyy.64.6:17300 SYN ******S*
Sep 3 00:24:14 66.207.244.254:4466 -> xxx.yyy.64.1:17300 SYN ******S*
Sep 3 00:24:14 66.207.244.254:4469 -> xxx.yyy.64.4:17300 SYN ******S*
Sep 3 00:24:14 66.207.244.254:4472 -> xxx.yyy.64.7:17300 SYN ******S*
Sep 3 00:24:14 66.207.244.254:4473 -> xxx.yyy.64.8:17300 SYN ******S*
Sep 3 00:24:14 66.207.244.254:4476 -> xxx.yyy.64.11:17300 SYN ******S*
[...]
Sep 3 01:46:02 66.207.244.254:3627 -> xxx.yyy.254.247:17300 SYN ******S*
Sep 3 01:46:02 66.207.244.254:3619 -> xxx.yyy.254.239:17300 SYN ******S*
Sep 3 01:46:02 66.207.244.254:3622 -> xxx.yyy.254.242:17300 SYN ******S*
Sep 3 01:46:02 66.207.244.254:3625 -> xxx.yyy.254.245:17300 SYN ******S*
Sep 3 01:46:02 66.207.244.254:3628 -> xxx.yyy.254.248:17300 SYN ******S*
Sep 3 01:46:02 66.207.244.254:3631 -> xxx.yyy.254.251:17300 SYN ******S*
Sep 3 01:46:04 66.207.244.254:3773 -> xxx.yyy.254.253:17300 SYN ******S*
Sep 3 01:46:04 66.207.244.254:3774 -> xxx.yyy.254.254:17300 SYN ******S*
Sep 3 01:46:04 66.207.244.254:3775 -> xxx.yyy.254.255:17300 SYN ******S*
37378
Sep 3 14:00:26 81.53.8.150:3312 -> xxx.yyy.1.1:139 SYN ******S*
Sep 3 14:00:26 81.53.8.150:3313 -> xxx.yyy.1.2:139 SYN ******S*
Sep 3 14:00:26 81.53.8.150:3316 -> xxx.yyy.1.5:139 SYN ******S*
Sep 3 14:00:26 81.53.8.150:3318 -> xxx.yyy.1.7:139 SYN ******S*
Sep 3 14:00:26 81.53.8.150:3319 -> xxx.yyy.1.8:139 SYN ******S*
Sep 3 14:00:27 81.53.8.150:3320 -> xxx.yyy.1.9:139 SYN ******S*
Sep 3 14:00:27 81.53.8.150:3321 -> xxx.yyy.1.10:139 SYN ******S*
Sep 3 14:00:27 81.53.8.150:3323 -> xxx.yyy.1.12:139 SYN ******S*
[...]
Sep 3 14:11:32 81.53.8.150:4353 -> xxx.yyy.255.218:139 SYN ******S*
Sep 3 14:11:32 81.53.8.150:4356 -> xxx.yyy.255.220:139 SYN ******S*
Sep 3 14:11:32 81.53.8.150:4370 -> xxx.yyy.255.234:139 SYN ******S*
Sep 3 14:11:32 81.53.8.150:4376 -> xxx.yyy.255.239:139 SYN ******S*
Sep 3 14:11:32 81.53.8.150:4377 -> xxx.yyy.255.240:139 SYN ******S*
Sep 3 14:11:32 81.53.8.150:4384 -> xxx.yyy.255.247:139 SYN ******S*
Sep 3 14:11:32 81.53.8.150:4387 -> xxx.yyy.255.250:139 SYN ******S*
Sep 3 14:11:32 81.53.8.150:4388 -> xxx.yyy.255.251:139 SYN ******S*
36655
Sep 3 13:57:31 209.77.197.85:2972 -> xxx.yyy.1.2:8000 SYN ******S*
Sep 3 13:57:31 209.77.197.85:2973 -> xxx.yyy.1.3:8000 SYN ******S*
Sep 3 13:57:33 209.77.197.85:2974 -> xxx.yyy.1.4:8000 SYN ******S*
Sep 3 13:57:33 209.77.197.85:2976 -> xxx.yyy.1.6:8000 SYN ******S*
Sep 3 13:57:31 209.77.197.85:2981 -> xxx.yyy.1.11:8000 SYN ******S*
Sep 3 13:57:30 209.77.197.85:2982 -> xxx.yyy.1.12:8000 SYN ******S*
Sep 3 13:57:31 209.77.197.85:2983 -> xxx.yyy.1.13:8000 SYN ******S*
Sep 3 13:57:31 209.77.197.85:2989 -> xxx.yyy.1.19:8000 SYN ******S*
[...]
Sep 3 14:09:29 209.77.197.85:2294 -> xxx.yyy.255.221:8000 SYN ******S*
Sep 3 14:09:29 209.77.197.85:2295 -> xxx.yyy.255.222:8000 SYN ******S*
Sep 3 14:09:29 209.77.197.85:2303 -> xxx.yyy.255.230:8000 SYN ******S*
Sep 3 14:09:29 209.77.197.85:2316 -> xxx.yyy.255.243:8000 SYN ******S*
Sep 3 14:09:29 209.77.197.85:2323 -> xxx.yyy.255.250:8000 SYN ******S*
Sep 3 14:09:29 209.77.197.85:2321 -> xxx.yyy.255.248:8000 SYN ******S*
Sep 3 14:09:29 209.77.197.85:2325 -> xxx.yyy.255.252:8000 SYN ******S*
Sep 3 14:09:29 209.77.197.85:2322 -> xxx.yyy.255.249:8000 SYN ******S*
Sep 3 14:09:29 209.77.197.85:2319 -> xxx.yyy.255.246:8000 SYN ******S*
35892
Sep 3 13:01:56 84.112.25.16:2399 -> xxx.yyy.1.2:1433 SYN ******S*
Sep 3 13:01:56 84.112.25.16:2400 -> xxx.yyy.1.3:1433 SYN ******S*
Sep 3 13:01:53 84.112.25.16:2402 -> xxx.yyy.1.5:1433 SYN ******S*
Sep 3 13:01:53 84.112.25.16:2403 -> xxx.yyy.1.6:1433 SYN ******S*
Sep 3 13:01:53 84.112.25.16:2404 -> xxx.yyy.1.7:1433 SYN ******S*
Sep 3 13:01:53 84.112.25.16:2405 -> xxx.yyy.1.8:1433 SYN ******S*
Sep 3 13:01:56 84.112.25.16:2406 -> xxx.yyy.1.9:1433 SYN ******S*
Sep 3 13:01:53 84.112.25.16:2408 -> xxx.yyy.1.11:1433 SYN ******S*
[...]
Sep 3 13:13:36 84.112.25.16:1333 -> xxx.yyy.255.215:1433 SYN ******S*
Sep 3 13:13:36 84.112.25.16:1356 -> xxx.yyy.255.237:1433 SYN ******S*
Sep 3 13:13:36 84.112.25.16:1355 -> xxx.yyy.255.236:1433 SYN ******S*
Sep 3 13:13:36 84.112.25.16:1367 -> xxx.yyy.255.248:1433 SYN ******S*
Sep 3 13:13:36 84.112.25.16:1363 -> xxx.yyy.255.244:1433 SYN ******S*
Sep 3 13:13:36 84.112.25.16:1368 -> xxx.yyy.255.249:1433 SYN ******S*
Sep 3 13:13:36 84.112.25.16:1362 -> xxx.yyy.255.243:1433 SYN ******S*
Sep 3 13:13:36 84.112.25.16:1372 -> xxx.yyy.255.253:1433 SYN ******S*
32124
Sep 3 13:29:55 213.155.79.100:1418 -> xxx.yyy.1.1:80 SYN ******S*
Sep 3 13:29:53 213.155.79.100:1422 -> xxx.yyy.1.5:80 SYN ******S*
Sep 3 13:29:53 213.155.79.100:1423 -> xxx.yyy.1.6:80 SYN ******S*
Sep 3 13:29:55 213.155.79.100:1419 -> xxx.yyy.1.2:80 SYN ******S*
Sep 3 13:29:55 213.155.79.100:1420 -> xxx.yyy.1.3:80 SYN ******S*
Sep 3 13:29:56 213.155.79.100:1528 -> xxx.yyy.1.10:80 SYN ******S*
Sep 3 13:29:56 213.155.79.100:1530 -> xxx.yyy.1.12:80 SYN ******S*
Sep 3 13:29:56 213.155.79.100:1533 -> xxx.yyy.1.15:80 SYN ******S*
[...]
Sep 3 14:08:37 213.155.79.100:3533 -> xxx.yyy.255.235:80 SYN ******S*
Sep 3 14:08:38 213.155.79.100:3526 -> xxx.yyy.255.228:80 SYN ******S*
Sep 3 14:08:38 213.155.79.100:3534 -> xxx.yyy.255.236:80 SYN ******S*
Sep 3 14:08:38 213.155.79.100:3518 -> xxx.yyy.255.220:80 SYN ******S*
Sep 3 14:08:38 213.155.79.100:3494 -> xxx.yyy.255.196:80 SYN ******S*
Sep 3 14:08:38 213.155.79.100:3510 -> xxx.yyy.255.212:80 SYN ******S*
Sep 3 14:08:38 213.155.79.100:3542 -> xxx.yyy.255.244:80 SYN ******S*
Sep 3 14:08:38 213.155.79.100:3530 -> xxx.yyy.255.232:80 SYN ******S*
30108
Sep 3 23:52:10 211.135.99.4:3351 -> xxx.yyy.72.168:5554 SYN ******S*
Sep 3 23:52:11 211.135.99.4:4227 -> xxx.yyy.72.168:1023 SYN ******S*
Sep 3 23:52:13 211.135.99.4:1951 -> xxx.yyy.72.168:9898 SYN ******S*
Sep 3 23:52:10 211.135.99.4:3352 -> xxx.yyy.72.165:5554 SYN ******S*
Sep 3 23:52:11 211.135.99.4:4231 -> xxx.yyy.72.165:1023 SYN ******S*
Sep 3 23:52:13 211.135.99.4:1952 -> xxx.yyy.72.165:9898 SYN ******S*
Sep 3 23:52:10 211.135.99.4:3355 -> xxx.yyy.72.163:5554 SYN ******S*
Sep 3 23:52:11 211.135.99.4:4234 -> xxx.yyy.72.163:1023 SYN ******S*
[...]
Sep 3 23:53:03 211.135.99.4:2350 -> xxx.yyy.92.223:9898 SYN ******S*
Sep 3 23:53:03 211.135.99.4:2351 -> xxx.yyy.92.224:9898 SYN ******S*
Sep 3 23:53:03 211.135.99.4:2353 -> xxx.yyy.92.225:9898 SYN ******S*
Sep 3 23:53:03 211.135.99.4:2436 -> xxx.yyy.92.226:9898 SYN ******S*
Sep 3 23:53:03 211.135.99.4:2437 -> xxx.yyy.92.227:9898 SYN ******S*
Sep 3 23:53:03 211.135.99.4:2438 -> xxx.yyy.92.230:9898 SYN ******S*
Sep 3 23:53:03 211.135.99.4:2443 -> xxx.yyy.92.232:9898 SYN ******S*
Sep 3 23:53:03 211.135.99.4:2445 -> xxx.yyy.92.233:9898 SYN ******S*
Sep 3 23:53:03 211.135.99.4:2488 -> xxx.yyy.92.229:9898 SYN ******S*
13000
Sep 3 07:56:28 220.87.54.183:4648 -> xxx.yyy.194.126:5554 SYN ******S*
Sep 3 07:56:31 220.87.54.183:2321 -> xxx.yyy.194.126:9898 SYN ******S*
Sep 3 07:56:28 220.87.54.183:4645 -> xxx.yyy.194.125:5554 SYN ******S*
Sep 3 07:56:31 220.87.54.183:2320 -> xxx.yyy.194.125:9898 SYN ******S*
Sep 3 07:56:28 220.87.54.183:4653 -> xxx.yyy.194.131:5554 SYN ******S*
Sep 3 07:56:31 220.87.54.183:2314 -> xxx.yyy.194.131:9898 SYN ******S*
Sep 3 07:56:28 220.87.54.183:4649 -> xxx.yyy.194.127:5554 SYN ******S*
Sep 3 07:56:29 220.87.54.183:1311 -> xxx.yyy.194.127:1023 SYN ******S*
[...]
Sep 3 07:57:14 220.87.54.183:2348 -> xxx.yyy.214.104:9898 SYN ******S*
Sep 3 07:57:14 220.87.54.183:2350 -> xxx.yyy.214.106:9898 SYN ******S*
Sep 3 07:57:14 220.87.54.183:2612 -> xxx.yyy.214.158:9898 SYN ******S*
Sep 3 07:57:14 220.87.54.183:2657 -> xxx.yyy.214.180:9898 SYN ******S*
Sep 3 07:57:14 220.87.54.183:2701 -> xxx.yyy.214.164:9898 SYN ******S*
Sep 3 07:57:14 220.87.54.183:2742 -> xxx.yyy.214.166:9898 SYN ******S*
Sep 3 07:57:14 220.87.54.183:2714 -> xxx.yyy.214.163:9898 SYN ******S*
Sep 3 07:57:14 220.87.54.183:2748 -> xxx.yyy.214.168:9898 SYN ******S*
Sep 3 07:57:14 220.87.54.183:2749 -> xxx.yyy.214.169:9898 SYN ******S*
12988
Sep 3 06:14:44 159.226.92.210:38765 -> xxx.yyy.1.41:22 SYN ******S*
Sep 3 06:14:44 159.226.92.210:38765 -> xxx.yyy.1.42:22 SYN ******S*
Sep 3 06:14:44 159.226.92.210:38765 -> xxx.yyy.1.44:22 SYN ******S*
Sep 3 06:14:44 159.226.92.210:38765 -> xxx.yyy.1.45:22 SYN ******S*
Sep 3 06:14:44 159.226.92.210:38765 -> xxx.yyy.1.40:22 SYN ******S*
Sep 3 06:14:44 159.226.92.210:38765 -> xxx.yyy.1.49:22 SYN ******S*
Sep 3 06:14:44 159.226.92.210:38765 -> xxx.yyy.1.50:22 SYN ******S*
Sep 3 06:14:44 159.226.92.210:38765 -> xxx.yyy.1.43:22 SYN ******S*
[...]
Sep 3 07:08:19 159.226.92.210:47993 -> xxx.yyy.1.242:22 SYN ******S*
Sep 3 07:08:19 159.226.92.210:47995 -> xxx.yyy.1.54:22 SYN ******S*
Sep 3 07:08:19 159.226.92.210:48008 -> xxx.yyy.12.33:22 SYN ******S*
Sep 3 07:08:19 159.226.92.210:48016 -> xxx.yyy.12.23:22 SYN ******S*
Sep 3 07:08:20 159.226.92.210:48044 -> xxx.yyy.14.23:22 SYN ******S*
Sep 3 07:08:20 159.226.92.210:48063 -> xxx.yyy.12.31:22 SYN ******S*
Sep 3 07:08:20 159.226.92.210:48067 -> xxx.yyy.12.34:22 SYN ******S*
Sep 3 07:08:21 159.226.92.210:48114 -> xxx.yyy.1.45:22 SYN ******S*
Sep 3 07:08:24 159.226.92.210:48248 -> xxx.yyy.12.33:22 SYN ******S*
12655
Sep 3 15:50:36 82.37.241.19:2057 -> xxx.yyy.1.0:1433 SYN ******S*
Sep 3 15:50:36 82.37.241.19:2061 -> xxx.yyy.1.2:1433 SYN ******S*
Sep 3 15:50:36 82.37.241.19:2063 -> xxx.yyy.1.3:1433 SYN ******S*
Sep 3 15:50:33 82.37.241.19:2069 -> xxx.yyy.1.6:1433 SYN ******S*
Sep 3 15:50:36 82.37.241.19:2073 -> xxx.yyy.1.8:1433 SYN ******S*
Sep 3 15:50:36 82.37.241.19:2075 -> xxx.yyy.1.9:1433 SYN ******S*
Sep 3 15:50:36 82.37.241.19:2077 -> xxx.yyy.1.10:1433 SYN ******S*
Sep 3 15:50:36 82.37.241.19:2079 -> xxx.yyy.1.11:1433 SYN ******S*
[...]
Sep 3 16:57:40 82.37.241.19:1818 -> xxx.yyy.75.171:1433 SYN ******S*
Sep 3 16:57:40 82.37.241.19:1833 -> xxx.yyy.75.173:1433 SYN ******S*
Sep 3 16:57:41 82.37.241.19:1855 -> xxx.yyy.75.175:1433 SYN ******S*
Sep 3 16:57:41 82.37.241.19:1861 -> xxx.yyy.75.176:1433 SYN ******S*
Sep 3 16:57:41 82.37.241.19:1876 -> xxx.yyy.75.177:1433 SYN ******S*
Sep 3 16:57:41 82.37.241.19:1877 -> xxx.yyy.75.178:1433 SYN ******S*
Sep 3 16:57:41 82.37.241.19:1888 -> xxx.yyy.75.179:1433 SYN ******S*
Sep 3 16:57:41 82.37.241.19:1889 -> xxx.yyy.75.180:1433 SYN ******S*
Sep 3 16:57:42 82.37.241.19:1905 -> xxx.yyy.75.181:1433 SYN ******S*
9527
[...]
9281
Sep 3 10:30:50 213.17.230.142:3001 -> xxx.yyy.1.236:6129 SYN ******S*
Sep 3 10:30:50 213.17.230.142:3001 -> xxx.yyy.64.90:6129 SYN ******S*
Sep 3 10:30:50 213.17.230.142:3001 -> xxx.yyy.64.221:6129 SYN ******S*
Sep 3 10:30:50 213.17.230.142:3001 -> xxx.yyy.65.96:6129 SYN ******S*
Sep 3 10:30:50 213.17.230.142:3001 -> xxx.yyy.65.227:6129 SYN ******S*
Sep 3 10:30:50 213.17.230.142:3001 -> xxx.yyy.66.102:6129 SYN ******S*
Sep 3 10:30:50 213.17.230.142:3001 -> xxx.yyy.66.233:6129 SYN ******S*
Sep 3 10:30:50 213.17.230.142:3001 -> xxx.yyy.67.108:6129 SYN ******S*
[...]
Sep 3 12:46:12 213.17.230.142:3001 -> xxx.yyy.209.220:6129 SYN ******S*
Sep 3 12:46:12 213.17.230.142:3001 -> xxx.yyy.210.95:6129 SYN ******S*
Sep 3 12:46:12 213.17.230.142:3001 -> xxx.yyy.210.226:6129 SYN ******S*
Sep 3 12:46:12 213.17.230.142:3001 -> xxx.yyy.239.7:6129 SYN ******S*
Sep 3 12:46:12 213.17.230.142:3001 -> xxx.yyy.239.138:6129 SYN ******S*
Sep 3 12:46:12 213.17.230.142:3001 -> xxx.yyy.240.13:6129 SYN ******S*
Sep 3 12:46:12 213.17.230.142:3001 -> xxx.yyy.249.67:6129 SYN ******S*
Sep 3 12:46:12 213.17.230.142:3001 -> xxx.yyy.249.198:6129 SYN ******S*
8584
Sep 3 15:56:07 65.92.117.41:2690 -> xxx.yyy.71.160:5554 SYN ******S*
Sep 3 15:56:10 65.92.117.41:1737 -> xxx.yyy.71.160:9898 SYN ******S*
Sep 3 15:56:07 65.92.117.41:2691 -> xxx.yyy.71.161:5554 SYN ******S*
Sep 3 15:56:10 65.92.117.41:1740 -> xxx.yyy.71.161:9898 SYN ******S*
Sep 3 15:56:07 65.92.117.41:2695 -> xxx.yyy.71.163:5554 SYN ******S*
Sep 3 15:56:07 65.92.117.41:2702 -> xxx.yyy.71.167:5554 SYN ******S*
Sep 3 15:56:07 65.92.117.41:2703 -> xxx.yyy.71.168:5554 SYN ******S*
Sep 3 15:56:08 65.92.117.41:3642 -> xxx.yyy.71.168:1023 SYN ******S*
[...]
Sep 3 15:56:53 65.92.117.41:4147 -> xxx.yyy.91.239:9898 SYN ******S*
Sep 3 15:56:53 65.92.117.41:4170 -> xxx.yyy.91.254:9898 SYN ******S*
Sep 3 15:56:53 65.92.117.41:4228 -> xxx.yyy.92.0:9898 SYN ******S*
Sep 3 15:56:53 65.92.117.41:4271 -> xxx.yyy.92.2:9898 SYN ******S*
Sep 3 15:56:53 65.92.117.41:4306 -> xxx.yyy.92.4:9898 SYN ******S*
Sep 3 15:56:53 65.92.117.41:4437 -> xxx.yyy.92.7:9898 SYN ******S*
Sep 3 15:56:54 65.92.117.41:4470 -> xxx.yyy.92.9:9898 SYN ******S*
Sep 3 15:56:54 65.92.117.41:4612 -> xxx.yyy.92.22:9898 SYN ******S*
Sep 3 15:56:54 65.92.117.41:4798 -> xxx.yyy.92.26:9898 SYN ******S*
8163
Sep 3 00:56:14 221.202.142.39:3098 -> xxx.yyy.133.28:5554 SYN ******S*
Sep 3 00:56:17 221.202.142.39:1033 -> xxx.yyy.133.28:9898 SYN ******S*
Sep 3 00:56:14 221.202.142.39:3103 -> xxx.yyy.133.22:5554 SYN ******S*
Sep 3 00:56:15 221.202.142.39:3606 -> xxx.yyy.133.22:1023 SYN ******S*
Sep 3 00:56:17 221.202.142.39:1036 -> xxx.yyy.133.22:9898 SYN ******S*
Sep 3 00:56:14 221.202.142.39:3109 -> xxx.yyy.133.16:5554 SYN ******S*
Sep 3 00:56:15 221.202.142.39:3629 -> xxx.yyy.133.16:1023 SYN ******S*
Sep 3 00:56:17 221.202.142.39:4854 -> xxx.yyy.133.16:9898 SYN ******S*
[...]
Sep 3 00:57:01 221.202.142.39:3933 -> xxx.yyy.153.95:9898 SYN ******S*
Sep 3 00:57:01 221.202.142.39:3930 -> xxx.yyy.153.92:9898 SYN ******S*
Sep 3 00:57:01 221.202.142.39:3934 -> xxx.yyy.153.96:9898 SYN ******S*
Sep 3 00:57:01 221.202.142.39:3939 -> xxx.yyy.153.85:9898 SYN ******S*
Sep 3 00:57:01 221.202.142.39:3952 -> xxx.yyy.153.91:9898 SYN ******S*
Sep 3 00:57:01 221.202.142.39:4020 -> xxx.yyy.153.105:9898 SYN ******S*
Sep 3 00:57:01 221.202.142.39:4049 -> xxx.yyy.153.111:9898 SYN ******S*
Sep 3 00:57:01 221.202.142.39:4245 -> xxx.yyy.153.124:9898 SYN ******S*
8028
--
- Ken
===========================================================================
Ken Connelly (KC152) Systems and Operations Manager, ITS - Network Services
University of Northern Iowa Cedar Falls, IA 50614-0121
email: Ken.Connelly at uni.edu phone: (319) 273-5850 fax: (319) 273-7373
More information about the Intrusions
mailing list