[Dshield] Port 3315

Göran Strömstén gstromsten.remove at kolumbus.fi
Sun Dec 7 21:40:12 GMT 2003


Beneath is 2 quite typical excerpts from my logs, where the source ports are 1564 and 1214.

As you can see, the entries are logged with quite nice and even intervals.

One source seems always to use the same port. The ports in use begin from 79,80,131,600,800,999,1033,1052-1067,1069,1071 etc continues up through the 6xk range, but mostly ports in the 1k, 2k and 3k ranges are used.

GS

FWIN 6.12.2003 0:12:32 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 0:16:44 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 0:19:06 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 0:21:24 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 0:23:38 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 0:25:48 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 0:28:04 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 0:30:30 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 0:32:46 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 0:35:02 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 0:39:12 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 0:43:40 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 0:45:54 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 0:48:12 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 0:52:08 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 0:57:10 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:01:38 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:03:44 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:06:00 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:08:14 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:10:28 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:14:54 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:17:08 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:19:22 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:21:38 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:23:50 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:26:04 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:28:16 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:32:46 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:35:00 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:37:14 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:39:28 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:41:44 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:43:58 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 1:46:10 +2:00 GMT 217.215.109.37 as10_6_8.s.bonet.se 1564 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 

FWIN 6.12.2003 14:05:32 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 14:08:58 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 14:12:54 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 14:16:16 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 14:20:20 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 14:23:42 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 14:27:36 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 14:31:06 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 14:34:46 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 14:38:40 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 14:42:06 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 14:47:50 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 14:55:18 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 14:59:06 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 15:04:22 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 15:09:38 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 15:13:50 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 15:18:00 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 15:21:38 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 15:25:28 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 15:29:32 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 15:33:28 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 15:38:44 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 15:42:08 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 
FWIN 6.12.2003 15:50:00 +2:00 GMT 62.65.213.163 pc163.host21.starman.ee 1214 xxx.xxx.xxx.xxx mypc.mydomain 3315 UDP 




More information about the list mailing list