[Dshield] traffic towards Microsoft

Louis Hablas Lou.Hablas at rzim.org
Thu Feb 5 16:57:30 GMT 2004


Definitely the case...I'd seen the same activity quite a while ago on my
network...

WU-related...

Lou

-----Original Message-----
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org]On
Behalf Of Doug White
Sent: Thursday, February 05, 2004 11:33 AM
To: General DShield Discussion List
Subject: Re: [Dshield] traffic towards Microsoft


Looks like you have users who have automatic update set up for Windows
Update
service.

======================================
Stop spam on your domain, Anti-spam solutions
http://www.clickdoug.com/mailfilter.cfm
For hosting solutions http://www.clickdoug.com
======================================
Aspire to Inspire before you Retire or Expire!


----- Original Message ----- 
From: "Margles Singleton" <MarglesSingleton at firsthealth.com>
To: <list at dshield.org>
Sent: Thursday, February 05, 2004 8:11 AM
Subject: [Dshield] traffic towards Microsoft


: Hello;
:
: I've seen some traffic that is odd for our network, blocked by our
: firewall.  Coming from user desktops and going straight to the net -
: evading the proxy server.  We did have minimal trouble with Mydoom.A,
: which has been cleaned, but I don't see other symptoms of Mydoom - have
: tried looking at open ports, the A/V software is fine and runs against
: files opened on the desktop.....
:
: Am I missing something obvious??
:
: Thanks!
: Margles
:
: a.b.100.40 207.46.134.24 http 8 Microsoft
: a.b.100.40 207.46.197.59 http 4 Microsoft
:
: a.b.102.150 207.46.197.59 http 4 Microsoft
: a.b.102.150 207.46.249.57 http 8 Microsoft
:
: a.b.118.2 207.46.197.59 http 8 Microsoft
:
: a.b.120.231 207.46.134.92 http 8 Microsoft
: a.b.120.231 207.46.197.59 http 4 Microsoft
:
: a.b.120.233 207.46.197.121 http 4 Microsoft
: a.b.120.233 207.46.249.56 http 5 Microsoft
:
: a.b.121.44 207.46.134.92 http 8 Microsoft
: a.b.121.44 207.46.197.121 http 4 Microsoft
:
: a.b.121.58 207.46.197.121 http 4 Microsoft
: a.b.121.58 207.46.249.56 http 8 Microsoft
:
: a.b.82.39 207.46.134.24 http 8 Microsoft
: a.b.82.39 207.46.197.121 http 4 Microsoft
:
: a.b.87.12 207.46.248.122 http 36 Microsoft
:
: a.b.87.13 207.46.134.90 http 8 Microsoft
: a.b.87.13 207.46.197.121 http 4 Microsoft
:
: a.b.88.186 207.46.134.24 http 8 Microsoft
: a.b.88.186 207.46.197.59 http 4 Microsoft
:
: a.b.88.188 207.46.134.92 http 8 Microsoft
: a.b.88.188 207.46.197.121 http 4 Microsoft
:
: a.c.150.169 207.46.197.59 http 1 Microsoft
: a.c.150.169 207.46.249.57 http 8 Microsoft
:
: a.c.150.179 207.46.134.24 http 8 Microsoft
: a.c.150.179 207.46.197.59 http 4 Microsoft
:
: a.c.166.1 207.46.197.59 http 4 Microsoft
: a.c.166.1 207.46.249.57 http 8 Microsoft
:
: a.c.166.110 207.46.134.92 http 8 Microsoft
: a.c.166.110 207.46.197.59 http 4 Microsoft
:
: a.c.166.58 207.46.134.24 http 8 Microsoft
: a.c.166.58 207.46.197.59 http 4 Microsoft
:
: a.c.166.61 207.46.197.59 http 8 Microsoft
:
: a.c.166.66 207.46.197.121 http 4 Microsoft
: a.c.166.66 207.46.249.56 http 8 Microsoft
:
: a.c.166.68 207.46.134.28 http 8 Microsoft
: a.c.166.68 207.46.197.121 http 4 Microsoft
:
: a.c.166.7 207.46.134.28 http 8 Microsoft
: a.c.166.7 207.46.197.121 http 4 Microsoft
:
: a.c.166.85 207.46.197.121 http 1 Microsoft
: a.c.166.85 207.46.249.57 http 8 Microsoft
:
: a.c.166.86 207.46.197.121 http 4 Microsoft
: a.c.166.86 207.46.249.57 http 8 Microsoft
:
: a.c.42.17 207.46.134.90 http 8 Microsoft
: a.c.42.17 207.46.197.59 http 4 Microsoft
:
: a.c.42.36 207.46.134.92 http 8 Microsoft
: a.c.42.36 207.46.197.121 http 4 Microsoft
:
: a.c.42.53 207.46.134.90 http 8 Microsoft
: a.c.42.53 207.46.197.121 http 4 Microsoft
:
: a.c.42.94 207.46.197.59 http 4 Microsoft
: a.c.42.94 207.46.249.56 http 8 Microsoft
:
: a.c.42.96 207.46.134.24 http 8 Microsoft
: a.c.42.96 207.46.197.59 http 4 Microsoft
:
: a.d.228.27 207.46.134.90 http 8 Microsoft
: a.d.228.27 207.46.197.59 http 4 Microsoft
:
: a.d.228.28 207.46.134.24 http 8 Microsoft
: a.d.228.28 207.46.197.59 http 4 Microsoft
:
: a.d.228.30 207.46.134.90 http 8 Microsoft
: a.d.228.30 207.46.197.59 http 4 Microsoft
:
: a.d.228.31 207.46.197.59 http 4 Microsoft
: a.d.228.31 207.46.249.57 http 8 Microsoft
:
: a.d.228.32 207.46.134.28 http 8 Microsoft
: a.d.228.32 207.46.197.121 http 4 Microsoft
:
: a.d.228.33 207.46.134.24 http 8 Microsoft
: a.d.228.33 207.46.197.121 http 4 Microsoft
:
: a.d.228.34 207.46.134.24 http 8 Microsoft
: a.d.228.34 207.46.197.121 http 4 Microsoft
:
: a.d.228.35 207.46.134.24 http 8 Microsoft
: a.d.228.35 207.46.197.59 http 4 Microsoft
:
: a.d.228.38 207.46.197.59 http 4 Microsoft
: a.d.228.38 207.46.249.57 http 8 Microsoft
:
: a.d.230.21 207.46.197.121 http 4 Microsoft
: a.d.230.21 207.46.249.56 http 8 Microsoft
:
: a.d.230.41 207.46.134.28 http 8 Microsoft
: a.d.230.41 207.46.197.121 http 4 Microsoft
:
: a.d.230.53 207.46.134.28 http 8 Microsoft
: a.d.230.53 207.46.197.59 http 4 Microsoft
:
: a.d.230.66 207.46.144.188 http 1 Microsoft
: a.d.230.66 207.46.197.121 http 4 Microsoft
:
:
: _______________________________________________
: list mailing list
: list at dshield.org
: To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list
:
:

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list


The information contained in this message may be CONFIDENTIAL and is for the
intended addressee only.  Any unauthorized use, dissemination of the
information, or copying of this message is prohibited.  If you are not the
intended addressee, please notify the sender immediately and delete this
message.



More information about the list mailing list