[Dshield] [LOGS] tcp:27374 upsurge? - ACID Incident Report

John Sage jsage at finchhaven.com
Tue Jul 2 12:58:52 GMT 2002


When looking back over the last week's records, nothing for tcp:27374
until yesterday, and then quite a few...

----- Forwarded message from ACID Alert <acid at finchhaven.com> -----

Date: Tue, 2 Jul 2002 05:52:02 -0700
Subject: ACID Incident Report
From: ACID Alert <acid at finchhaven.com>
Generated by ACID v0.9.6b21 on Tue July 02, 2002 05:52:02

For the period 06/24/02 to 07/02/02:

#228-1| [2002-07-01 20:33:26] 61.77.238.139:1697 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-2| [2002-07-01 20:33:29] 61.77.238.139:1697 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-3| [2002-07-01 20:33:35] 61.77.238.139:1697 -> 12.82.132.164:27374  TCP to 27374 SubSeven

#228-4| [2002-07-01 21:12:13] 211.192.184.19:3317 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-5| [2002-07-01 21:12:16] 211.192.184.19:3317 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-6| [2002-07-01 21:12:22] 211.192.184.19:3317 -> 12.82.132.164:27374  TCP to 27374 SubSeven

#228-7| [2002-07-01 23:05:04] 211.222.77.162:2977 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-8| [2002-07-01 23:05:07] 211.222.77.162:2977 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-9| [2002-07-01 23:05:13] 211.222.77.162:2977 -> 12.82.132.164:27374  TCP to 27374 SubSeven

#228-10| [2002-07-01 23:05:24] 211.222.77.162:2977 -> 12.82.132.164:27374  TCP to 27374 SubSeven

#228-11| [2002-07-01 23:17:02] 211.204.249.151:1905 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-12| [2002-07-01 23:17:05] 211.204.249.151:1905 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-13| [2002-07-01 23:17:10] 211.204.249.151:1905 -> 12.82.132.164:27374  TCP to 27374 SubSeven

#228-14| [2002-07-01 23:21:27] 210.223.29.22:3966 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-15| [2002-07-01 23:21:30] 210.223.29.22:3966 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-16| [2002-07-01 23:21:36] 210.223.29.22:3966 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-17| [2002-07-01 23:21:48] 210.223.29.22:3966 -> 12.82.132.164:27374  TCP to 27374 SubSeven

#228-18| [2002-07-02 00:07:40] 210.217.170.168:4182 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-19| [2002-07-02 00:07:43] 210.217.170.168:4182 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-20| [2002-07-02 00:07:49] 210.217.170.168:4182 -> 12.82.132.164:27374  TCP to 27374 SubSeven

#228-21| [2002-07-02 00:10:31] 61.248.12.240:2559 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-22| [2002-07-02 00:10:34] 61.248.12.240:2559 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-23| [2002-07-02 00:10:40] 61.248.12.240:2559 -> 12.82.132.164:27374  TCP to 27374 SubSeven

#228-27| [2002-07-02 01:04:05] 211.55.75.66:1522 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-28| [2002-07-02 01:04:08] 211.55.75.66:1522 -> 12.82.132.164:27374  TCP to 27374 SubSeven
#228-29| [2002-07-02 01:04:14] 211.55.75.66:1522 -> 12.82.132.164:27374  TCP to 27374 SubSeven

----- End forwarded message -----


- John
-- 
"You are in a little maze of twisty passages, all different."

PGP key      http://www.finchhaven.com/pages/gpg_pubkey.html
Fingerprint  FE 97 0C 57 08 43 F3 EB 49 A1 0C D0 8E 0C D0 BE C8 38 CC B5 




More information about the list mailing list