[Dshield] 400 probes an Hour on ports 135 and 445

Joseph Stahley 3rd jestahley3 at cox.net
Sat Feb 14 07:45:52 GMT 2004


Experiencing very high volume of probes on ports 135 and 445 since 9pm pst.
At least 400 an hour ranging from domains from Korea, China, Hong Kong, and
SBC..My log is at this point close to 1000 entries. I usually just average
10 per hour..Something is up, but I have no idea what it is. I contacted my
service provider Cox HSI, they are looking into it. Maybe someone has seen
this before?
 
Joseph
 
DATE	 TIME	 I	 REMOTE IP	 REMOTE URL	 RPORT	 LOCAL IP
LPORT	
2/13/2004	 9:37:26 PM	 I	 211.116.13.11	 !	 4787
ROUTER	 445	
2/13/2004	 10:18:50 PM	 I	 211.116.29.131	  	 1491
ROUTER	 135	
2/13/2004	 10:18:53 PM	 I	 211.116.29.131	  	 1491
ROUTER	 135	
2/13/2004	 10:18:54 PM	 I	 211.116.29.131	  	 1653
ROUTER	 135	
2/13/2004	 10:18:59 PM	 I	 211.116.29.131	  	 1491
ROUTER	 135	
2/13/2004	 10:19:02 PM	 I	 211.116.29.131	  	 2082
ROUTER	 135	
2/13/2004	 10:19:03 PM	 I	 211.116.29.131	  	 1653
ROUTER	 135	
2/13/2004	 10:19:07 PM	 I	 211.116.29.131	  	 2130
ROUTER	 135	
2/13/2004	 10:19:11 PM	 I	 211.116.29.131	  	 2082
ROUTER	 135	
2/13/2004	 10:19:11 PM	 I	 211.116.29.131	  	 2444
ROUTER	 445	
2/13/2004	 10:19:13 PM	 I	 211.116.29.131	  	 2130
ROUTER	 135	
2/13/2004	 10:19:14 PM	 I	 211.116.29.131	  	 2444
ROUTER	 445	
2/13/2004	 10:19:15 PM	 I	 211.116.29.131	  	 2645
ROUTER	 445	
2/13/2004	 10:19:16 PM	 I	 211.116.29.131	  	 2571
ROUTER	 135	
2/13/2004	 10:19:18 PM	 I	 211.116.29.131	  	 2645
ROUTER	 445	
2/13/2004	 10:19:22 PM	 I	 211.116.29.131	  	 2571
ROUTER	 135	
2/13/2004	 10:19:23 PM	 I	 211.116.29.131	  	 3028
ROUTER	 445	
2/13/2004	 10:19:25 PM	 I	 211.116.29.131	  	 3126
ROUTER	 135	
2/13/2004	 10:19:26 PM	 I	 211.116.29.131	  	 3028
ROUTER	 445	
2/13/2004	 10:19:28 PM	 I	 211.116.29.131	  	 3126
ROUTER	 135	
2/13/2004	 10:19:32 PM	 I	 211.116.29.131	  	 3028
ROUTER	 445	
2/13/2004	 10:19:34 PM	 I	 211.116.29.131	  	 3126
ROUTER	 135	
2/13/2004	 10:19:34 PM	 I	 211.116.29.131	  	 3544
ROUTER	 445	
2/13/2004	 10:19:49 PM	 I	 211.116.29.131	  	 4436
ROUTER	 445	



More information about the list mailing list