[Dshield] AOL Probing Me Big Time

WMAVT@aol.com WMAVT at aol.com
Mon Feb 9 22:44:45 GMT 2004


I get up to 500 hits from AOL in a 3 HR session, LOL. But I use AOL software 
on a winXp machine that is NOT "TO BE USED." AOL 5.0.
    If you have Netscape, AIM, or ever had AOL or you picked up an AOL 
password sniffer, or someone has put a BOT on you machine to Collect AOL Screen 
Names, AOL Will try to get in and see what you are up to.
    Other than that the IP is AOL. 
                               have fun Bill

========Original Message======== 
Subj:   [Dshield] AOL Probing Me Big Time   
Date:   1/26/2004 7:57:46 PM Mountain Standard Time 
From:    jestahley3 at cox.net (Joseph Stahley 3rd)
Sender:    list-bounces at dshield.org
Reply-to: <A HREF="mailto:list at dshield.org">list at dshield.org</A> (General DShield Discussion List)
To:    list at dshield.org (DShield)
CC:    bobbateman at sequoiallc.com (Bob Bateman)
    
    


Just took a look at my log..from 14:51 - 14:54 I had about 15 attempts each
on Local Ports 1394 - 1397 from 64.236.44.31 remote port 80. never seen this
before, any ideas?

01/26/04 18:11:04 IP block 64.236.44.31
Trying 64.236.44.31 at ARIN
Trying 64.236.44 at ARIN

OrgName:    AOL Transit Data Network 
OrgID:      ATDN
Address:    12100 Sunrise Valley Drive
City:       Reston
StateProv:  VA
PostalCode: 20191
Country:    US

NetRange:   64.236.0.0 - 64.236.255.255 
CIDR:       64.236.0.0/16 
NetName:    ATDN-ISP
NetHandle:  NET-64-236-0-0-1
Parent:     NET-64-0-0-0-0
NetType:    Direct Allocation
NameServer: DNS-01.ATDN.NET
NameServer: DNS-02.ATDN.NET
Comment:    ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate:    2000-02-02
Updated:    2002-06-19

TechHandle: AOL-NOC-ARIN
TechName:   America Online, Inc. 
TechPhone:  +1-703-265-4670
TechEmail:  domains at aol.net 

OrgAbuseHandle: AOL382-ARIN
OrgAbuseName:   Abuse 
OrgAbusePhone:  +1-703-265-4670
OrgAbuseEmail:  abuse at aol.net

OrgNOCHandle: AOL236-ARIN
OrgNOCName:   NOC 
OrgNOCPhone:  +1-703-265-4670
OrgNOCEmail:  noc at aol.net

OrgTechHandle: AOL-NOC-ARIN
OrgTechName:   America Online, Inc. 
OrgTechPhone:  +1-703-265-4670
OrgTechEmail:  domains at aol.net

Joseph

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see: 
http://www.dshield.org/mailman/listinfo/list


----------------------- Headers --------------------------------
Return-Path: <list-bounces at dshield.org>
Received: from  rly-xi01.mx.aol.com (rly-xi01.mail.aol.com [172.20.116.6]) by 
air-xi01.mail.aol.com (v97.18) with ESMTP id MAILINXI13-4bb4015d396157; Mon, 
26 Jan 2004 21:57:46 -0500
Received: from  mail.giac.net (mail1.giac.net [65.173.218.103]) by 
rly-xi01.mx.aol.com (v97.10) with ESMTP id MAILRELAYINXI11-4bb4015d396157; Mon, 26 Jan 
2004 21:57:26 -0500
Received: (qmail 4437 invoked from network); 27 Jan 2004 02:57:25 -0000
Received: from  (HELO dshield.com) (@)
  by 0 with SMTP; 27 Jan 2004 02:57:25 -0000
Received: from maverick12.sans.org (localhost.localdomain [127.0.0.1])
    by dshield.com (8.11.6/8.11.6) with ESMTP id i0R2sdv02368;
    Tue, 27 Jan 2004 02:54:39 GMT
Received: from mail.giac.net (iceman1 [65.173.218.103])
    by dshield.com (8.11.6/8.11.6) with SMTP id i0R2kfv02049
    for <list at maverick12.sans.org>; Tue, 27 Jan 2004 02:46:41 GMT
Received: (qmail 2054 invoked from network); 27 Jan 2004 02:46:41 -0000
Received: from  (HELO dshield.org) (@)
    by 0 with SMTP; 27 Jan 2004 02:46:41 -0000
Old-Received: (qmail 2045 invoked from network); 27 Jan 2004 02:46:38 -0000
Old-Received: from fed1mtao08.cox.net (68.6.19.123)
    by 0 with SMTP; 27 Jan 2004 02:46:38 -0000
Old-Received: from desktop ([68.8.122.110]) by fed1mtao08.cox.net
    (InterMail vM.5.01.06.05 201-253-122-130-105-20030824) with ESMTP
    id <20040127021742.LTTW11788.fed1mtao08.cox.net at desktop>;
    Mon, 26 Jan 2004 21:17:42 -0500
From: "Joseph Stahley 3rd" <jestahley3 at cox.net>
To: "DShield" <list at dshield.org>
Date: Mon, 26 Jan 2004 18:16:58 -0800
MIME-Version: 1.0
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
Thread-Index: AcPke6RzqUuKIBr3RrONl5JI5eFp2w==
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-Id: <20040127021742.LTTW11788.fed1mtao08.cox.net at desktop>
Old-X-Envelope-To: list at dshield.org
X-Seen-By: bob list
X-Envelope-To: UNKNOWN
X-Mailman-Approved-At: Tue, 27 Jan 2004 02:54:10 +0000
Content-Type: text/plain;
    charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Content-Filtered-By: Mailman/MimeDel 2.1.3
Cc: Bob Bateman <bobbateman at sequoiallc.com>
Subject: [Dshield] AOL Probing Me Big Time
X-BeenThere: list at dshield.org
X-Mailman-Version: 2.1.3
Precedence: list
Reply-To: General DShield Discussion List <list at dshield.org>
List-Id: General DShield Discussion List <list.dshield.org>
List-Unsubscribe: <http://www.dshield.org/mailman/listinfo/list>,
    <mailto:list-request at dshield.org?subject=unsubscribe>
List-Archive: <http://www.dshield.org/pipermail/list>
List-Post: <mailto:list at dshield.org>
List-Help: <mailto:list-request at dshield.org?subject=help>
List-Subscribe: <http://www.dshield.org/mailman/listinfo/list>,
    <mailto:list-request at dshield.org?subject=subscribe>
Sender: list-bounces at dshield.org
Errors-To: list-bounces at dshield.org
X-AOL-IP: 65.173.218.103
X-AOL-SCOLL-SCORE: 0:XXX:XX
X-AOL-SCOLL-URL_COUNT: 0







More information about the list mailing list