SubSeven probes

Anderson Johnston andy at umbc.edu
Wed Aug 29 20:53:15 GMT 2001


This is the third day in a row that I've seen probing like this.  It looks
a lot like distributed, coordinated probing for SubSeven.  Anyone else
seeing it?

						- Andy

PS By coincidence, the students have been here since Saturday.

------------------------------------------------------------------------------
** Andy Johnston (andy at umbc.edu)          *            pager: 410-678-8949  **
** Manager of IT Security                 * PGP key:(afj2000) 1024/F67035E1 **
** Office of Information Technology, UMBC *        5D 44 1E 2E A6 7C 91 7A  **
** 410-455-2583 (v)/410-455-1065 (f)      *        C4 66 5F D5 BA B9 F6 58  **
------------------------------------------------------------------------------


===================================================================================
                            Scanners by Number of Target IP Addresses
			    -----------------------------------------
Scanner IP		# Targets 		Ports 			Type
-------------------	--------------		-----------		-----------
4.35.69.53     		27      		27374      		SYN
24.18.190.118  		33      		27374      		SYN
24.19.149.48   		26      		27374      		SYN
24.51.96.34    		43      		27374      		SYN
24.70.138.151  		28      		27374      		SYN
24.93.26.127   		24      		27374      		SYN
24.108.196.253 		23      		27374      		SYN
24.150.64.237  		23      		27374      		SYN
24.181.252.190 		24      		27374      		SYN
24.203.65.23   		33      		27374      		SYN
24.247.123.160 		21      		27374      		SYN
24.250.107.58  		26      		27374      		SYN
61.10.64.145   		30      		27374      		SYN
62.252.153.45  		23      		27374      		SYN
63.114.221.103 		25      		27374      		SYN
63.121.239.164 		30      		27374      		SYN
63.208.133.70  		46      		27374      		SYN
63.231.25.93   		40      		27374      		SYN
64.109.158.136 		20      		27374      		SYN
64.114.119.129 		29      		27374      		SYN
64.218.66.188  		24      		27374      		SYN
64.228.22.147  		30      		27374      		SYN
64.229.241.49  		21      		27374      		SYN
64.230.104.253 		44      		27374      		SYN
65.80.142.71   		39      		27374      		SYN
65.81.228.122  		20      		27374      		SYN
65.92.201.208  		22      		27374      		SYN
65.96.254.87   		24      		27374      		SYN
66.20.193.201  		31      		27374      		SYN
66.24.154.121  		32      		27374      		SYN
66.24.171.234  		37      		27374      		SYN
66.24.199.139  		48      		27374      		SYN
66.24.229.114  		37      		27374      		SYN
66.57.40.234   		23      		27374      		SYN
66.66.211.159  		26      		27374      		SYN
66.108.46.85   		20      		27374      		SYN
128.143.81.198 		35      		27374      		SYN
128.180.123.182		26      		27374      		SYN
129.244.37.153 		65      		27374      		SYN

MY.NET.97.171  		46      		27374      		SYN
MY.NET.97.187  		112     		2737 27374 		SYN
MY.NET.97.233  		617     		443 27374  		SYN
MY.NET.98.126  		453     		27374      		SYN
MY.NET.202.42  		346     		2737 27374 		SYN

134.121.248.159		43      		27374      		SYN
142.154.65.60  		34      		27374      		SYN
151.197.12.113 		27      		27374      		SYN
172.145.170.55 		44      		27374      		SYN
172.189.246.214		33      		27374      		SYN
203.218.41.64  		30      		27374      		SYN
204.60.49.215  		31      		27374      		SYN
204.60.236.227 		23      		27374      		SYN
207.68.50.122  		21      		27374      		SYN
207.173.228.149		37      		27374      		SYN
209.123.114.234		20      		27374      		SYN
212.68.246.62  		25      		27374      		SYN
212.198.66.149 		21      		27374      		SYN
213.46.17.105  		24      		27374      		SYN
213.48.168.253 		26      		27374      		SYN
213.51.200.237 		35      		27374      		SYN
213.112.63.156 		22      		27374      		SYN
213.141.85.198 		27      		27374      		SYN
213.168.64.101 		20      		27374      		SYN
216.26.42.4    		25      		27374      		SYN
216.232.69.205 		32      		27374      		SYN
217.128.161.70 		20      		27374      		SYN
217.136.100.190		42      		27374      		SYN
217.136.115.140		45      		27374      		SYN



More information about the unisog mailing list