[Dshield] What is the fun of this? Daily 70 packets to 1026 and 1027

Freek de Kruijf f.de.kruijf at hetnet.nl
Mon Mar 28 12:00:50 GMT 2005

I have at home an ADSL connection with one permanent IP-address. My 
system is always online. Since about a month and a half I get daily 
about 70 UDP packages to the ports 1026 and 1027 from one IP-address (Shanghai, China). These packages are dropped by the 
firewall in my Linux box. I examened the content once with tcpdump and 
ethereal and the content showed some advertisement of a website; forgot 
what it was about. Naturally I complained at the mail address 
associated with the IP-address, wanglin at shaidc.com, but this turned out 
to be a non-existing address, however abuse at shaidc.com seemed to exist, 
however no reaction.

I wonder why anybody keeps "pounding" my IP-address so consistently and 
what the fun is of this type of "attack".



More information about the list mailing list