[Dshield] Windoze Questions...SAMBA + Windows AD Question

John Sage jsage at finchhaven.com
Tue Feb 24 16:08:10 GMT 2004


Not to detract from any of Laurie's issues, but...

On Tue, Feb 24, 2004 at 12:42:43PM +0100, allan.vanleeuwen at orangemail.nl wrote:
> From: allan.vanleeuwen at orangemail.nl
> To: list at dshield.org
> Subject: RE: [Dshield] Windoze Questions...SAMBA + Windows AD
>  Question
> Date: Tue, 24 Feb 2004 12:42:43 +0100
> 
> 'sounds like you're either infected with viri or you're 0wned.'
> 
> I'm sorry, where did he say anything like that ?
> I think laurie is just pre-paranoid ... 
> 
> Cable modem lights can light up, if you are being scanned from
> outside ...  Doesn't mean you're owned !

/* snip */

...here's 24 seconds of cable modem chatter, *not* including anything
actually directed to me:

08:02:17.209504 arp who-has 67.168.5.133 tell 67.168.5.129
08:02:17.209765 arp who-has 67.168.5.138 tell 67.168.5.129
08:02:17.209915 arp who-has 67.168.5.144 tell 67.168.5.129
08:02:17.237093 arp who-has 67.168.5.146 tell 67.168.5.129
08:02:17.239624 arp who-has 67.168.5.152 tell 67.168.5.129
08:02:17.239878 arp who-has 67.168.5.148 tell 67.168.5.129
08:02:17.240032 arp who-has 67.168.5.154 tell 67.168.5.129
08:02:17.240172 arp who-has 67.168.5.157 tell 67.168.5.129
08:02:17.240308 arp who-has 67.168.5.156 tell 67.168.5.129
08:02:17.240448 arp who-has 67.168.5.160 tell 67.168.5.129
08:02:17.240581 arp who-has 67.168.5.162 tell 67.168.5.129
08:02:17.240726 arp who-has 67.168.5.164 tell 67.168.5.129
08:02:17.240867 arp who-has 67.168.5.167 tell 67.168.5.129
08:02:17.241003 arp who-has 67.168.5.166 tell 67.168.5.129
08:02:17.241139 arp who-has 67.168.5.170 tell 67.168.5.129
08:02:17.241281 arp who-has 67.168.5.177 tell 67.168.5.129
08:02:17.241471 arp who-has 67.168.5.176 tell 67.168.5.129
08:02:17.241616 arp who-has 67.168.5.179 tell 67.168.5.129
08:02:17.266672 arp who-has 67.168.5.185 tell 67.168.5.129
08:02:17.268884 arp who-has 67.168.5.184 tell 67.168.5.129
08:02:17.269146 arp who-has 67.168.5.187 tell 67.168.5.129
08:02:17.269298 arp who-has 67.168.5.189 tell 67.168.5.129
08:02:17.269440 arp who-has 67.168.5.199 tell 67.168.5.129
08:02:17.269581 arp who-has 67.168.5.196 tell 67.168.5.129
08:02:17.269722 arp who-has 67.168.5.201 tell 67.168.5.129
08:02:17.269860 arp who-has 67.168.5.206 tell 67.168.5.129
08:02:17.269998 arp who-has 67.168.5.209 tell 67.168.5.129
08:02:17.270136 arp who-has 67.168.5.208 tell 67.168.5.129
08:02:17.270275 arp who-has 67.168.5.212 tell 67.168.5.129
08:02:17.270413 arp who-has 67.168.5.211 tell 67.168.5.129
08:02:17.303223 arp who-has 67.168.5.220 tell 67.168.5.129
08:02:17.303490 arp who-has 67.168.5.221 tell 67.168.5.129
08:02:17.303642 arp who-has 67.168.5.226 tell 67.168.5.129
08:02:17.303778 arp who-has 67.168.5.224 tell 67.168.5.129
08:02:17.303918 arp who-has 67.168.5.232 tell 67.168.5.129
08:02:17.304055 arp who-has 67.168.5.230 tell 67.168.5.129
08:02:17.304190 arp who-has 67.168.5.236 tell 67.168.5.129
08:02:17.304329 arp who-has 67.168.5.238 tell 67.168.5.129
08:02:17.304468 arp who-has 67.168.5.241 tell 67.168.5.129
08:02:17.304604 arp who-has 67.168.5.244 tell 67.168.5.129
08:02:17.304743 arp who-has 67.168.5.245 tell 67.168.5.129
08:02:17.304884 arp who-has 67.168.5.246 tell 67.168.5.129
08:02:17.305020 arp who-has 67.168.5.247 tell 67.168.5.129
08:02:17.326800 arp who-has 67.168.5.251 tell 67.168.5.129
08:02:19.265931 arp who-has 24.19.146.51 tell 24.19.144.1
08:02:19.469056 arp who-has 10.130.180.12 tell 10.130.176.1
08:02:20.064163 arp who-has 67.160.15.29 tell 67.160.15.1
08:02:20.108009 arp who-has 10.111.219.221 tell 10.111.218.1
08:02:20.818753 arp who-has 67.160.15.216 tell 67.160.15.1
08:02:22.287419 arp who-has 24.19.146.51 tell 24.19.144.1
08:02:23.073389 arp who-has 67.160.15.29 tell 67.160.15.1
08:02:23.823719 arp who-has 67.160.15.216 tell 67.160.15.1
08:02:24.334242 arp who-has 67.168.5.133 tell 67.168.5.129
08:02:24.352820 arp who-has 67.168.5.138 tell 67.168.5.129
08:02:24.371289 arp who-has 67.168.5.144 tell 67.168.5.129
08:02:24.377509 arp who-has 67.168.5.146 tell 67.168.5.129
08:02:24.386585 arp who-has 67.168.5.148 tell 67.168.5.129
08:02:24.400659 arp who-has 67.168.5.152 tell 67.168.5.129
08:02:24.410076 arp who-has 67.168.5.154 tell 67.168.5.129
08:02:24.413907 arp who-has 67.168.5.156 tell 67.168.5.129
08:02:24.419235 arp who-has 67.168.5.157 tell 67.168.5.129
08:02:24.428623 arp who-has 67.168.5.160 tell 67.168.5.129
08:02:24.436662 arp who-has 24.19.146.51 tell 24.19.144.1
08:02:25.351413 arp who-has 67.168.5.162 tell 67.168.5.129
08:02:25.356688 arp who-has 67.168.5.164 tell 67.168.5.129
08:02:25.363657 arp who-has 67.168.5.166 tell 67.168.5.129
08:02:25.366501 arp who-has 67.168.5.167 tell 67.168.5.129
08:02:25.377295 arp who-has 67.168.5.170 tell 67.168.5.129
08:02:25.395985 arp who-has 67.168.5.176 tell 67.168.5.129
08:02:25.406269 arp who-has 67.168.5.179 tell 67.168.5.129
08:02:25.423126 arp who-has 67.168.5.184 tell 67.168.5.129
08:02:25.425948 arp who-has 67.168.5.185 tell 67.168.5.129
08:02:25.432509 arp who-has 67.168.5.187 tell 67.168.5.129
08:02:25.439105 arp who-has 67.168.5.189 tell 67.168.5.129
08:02:25.922980 arp who-has 24.19.146.202 tell 24.19.144.1
08:02:26.200020 arp who-has 24.19.144.154 tell 24.19.144.1
08:02:26.382319 arp who-has 67.168.5.196 tell 67.168.5.129
08:02:26.389793 arp who-has 67.168.5.199 tell 67.168.5.129
08:02:26.396881 arp who-has 67.168.5.201 tell 67.168.5.129
08:02:26.413515 arp who-has 67.168.5.206 tell 67.168.5.129
08:02:26.419607 arp who-has 67.168.5.208 tell 67.168.5.129
08:02:26.425643 arp who-has 67.168.5.209 tell 67.168.5.129
08:02:26.429549 arp who-has 67.168.5.211 tell 67.168.5.129
08:02:26.435052 arp who-has 67.168.5.212 tell 67.168.5.129
08:02:26.459745 arp who-has 67.168.5.220 tell 67.168.5.129
08:02:27.380413 arp who-has 67.168.5.221 tell 67.168.5.129
08:02:27.394226 arp who-has 67.168.5.224 tell 67.168.5.129
08:02:27.397240 arp who-has 67.168.5.226 tell 67.168.5.129
08:02:27.411827 arp who-has 67.168.5.230 tell 67.168.5.129
08:02:27.417035 arp who-has 67.168.5.232 tell 67.168.5.129
08:02:27.432640 arp who-has 67.168.5.236 tell 67.168.5.129
08:02:27.436528 arp who-has 67.168.5.238 tell 67.168.5.129
08:02:27.446811 arp who-has 67.168.5.241 tell 67.168.5.129
08:02:27.458845 arp who-has 67.168.5.244 tell 67.168.5.129
08:02:27.459974 arp who-has 67.168.5.245 tell 67.168.5.129
08:02:27.463026 arp who-has 67.168.5.246 tell 67.168.5.129
08:02:27.466388 arp who-has 67.168.5.247 tell 67.168.5.129
08:02:27.878545 arp who-has 24.19.146.51 tell 24.19.144.1
08:02:28.394150 arp who-has 67.168.5.251 tell 67.168.5.129
08:02:29.202195 arp who-has 24.19.144.154 tell 24.19.144.1
08:02:29.645033 arp who-has 24.19.146.202 tell 24.19.144.1
08:02:29.840696 arp who-has 67.160.15.216 tell 67.160.15.1
08:02:30.089738 arp who-has 24.19.147.52 tell 24.19.144.1
08:02:30.264233 arp who-has 24.19.146.51 tell 24.19.144.1
08:02:31.463847 arp who-has 24.19.147.182 tell 24.19.144.1
08:02:32.404330 arp who-has 67.168.5.156 tell 67.168.5.129
08:02:33.052683 arp who-has 24.19.147.52 tell 24.19.144.1
08:02:33.353224 arp who-has 24.19.146.51 tell 24.19.144.1
08:02:35.038563 arp who-has 24.19.146.202 tell 24.19.144.1
08:02:35.223124 arp who-has 24.19.144.154 tell 24.19.144.1
08:02:35.393855 arp who-has 67.168.5.156 tell 67.168.5.129
08:02:35.712067 arp who-has 24.19.146.51 tell 24.19.144.1
08:02:38.387670 arp who-has 24.19.146.30 tell 24.19.144.1
08:02:39.056539 arp who-has 24.19.147.52 tell 24.19.144.1
08:02:39.087751 arp who-has 24.19.146.158 tell 24.19.144.1
08:02:40.291520 arp who-has 24.19.146.51 tell 24.19.144.1
08:02:41.415686 arp who-has 67.168.5.156 tell 67.168.5.129

/* snip */


All this is "lighting up the lights"...


- John
-- 
"Mad cow? You'd be mad too, if someone was trying to eat you."




More information about the list mailing list