logo       
<prev   next>

[LOGS] Summary of large-scale portscanning detects: msg#00006

security.intrusions

Subject: [LOGS] Summary of large-scale portscanning detects

The following extracts show the beginning and ending of scan activity
was detected on my network. The number following each set is the total
number of probes for that source. Timestamps are GMT-0500.

May 4 00:01:30 218.106.47.66:4342 -> xxx.yyy.104.1:443 SYN ******S*
May 4 00:01:30 218.106.47.66:4344 -> xxx.yyy.104.3:443 SYN ******S*
May 4 00:01:30 218.106.47.66:4345 -> xxx.yyy.104.4:443 SYN ******S*
May 4 00:01:30 218.106.47.66:4346 -> xxx.yyy.104.5:443 SYN ******S*
May 4 00:01:30 218.106.47.66:4347 -> xxx.yyy.104.6:443 SYN ******S*
May 4 00:01:30 218.106.47.66:4349 -> xxx.yyy.104.13:443 SYN ******S*
May 4 00:01:30 218.106.47.66:4351 -> xxx.yyy.104.15:443 SYN ******S*
May 4 00:01:32 218.106.47.66:4353 -> xxx.yyy.104.17:443 SYN ******S*
[...]
May 4 00:39:33 218.106.47.66:2143 -> xxx.yyy.255.245:443 SYN ******S*
May 4 00:39:33 218.106.47.66:2145 -> xxx.yyy.255.246:443 SYN ******S*
May 4 00:39:33 218.106.47.66:2146 -> xxx.yyy.255.247:443 SYN ******S*
May 4 00:39:33 218.106.47.66:2147 -> xxx.yyy.255.248:443 SYN ******S*
May 4 00:39:33 218.106.47.66:2148 -> xxx.yyy.255.249:443 SYN ******S*
May 4 00:39:33 218.106.47.66:2149 -> xxx.yyy.255.250:443 SYN ******S*
May 4 00:39:33 218.106.47.66:2153 -> xxx.yyy.255.254:443 SYN ******S*
May 4 00:39:33 218.106.47.66:2150 -> xxx.yyy.255.251:443 SYN ******S*
May 4 00:39:33 218.106.47.66:2151 -> xxx.yyy.255.252:443 SYN ******S*
89173

May 4 04:52:25 217.37.10.225:4802 -> xxx.yyy.1.1:445 SYN ******S*
May 4 04:52:25 217.37.10.225:4803 -> xxx.yyy.1.2:445 SYN ******S*
May 4 04:52:22 217.37.10.225:4804 -> xxx.yyy.1.3:445 SYN ******S*
May 4 04:52:25 217.37.10.225:4805 -> xxx.yyy.1.4:445 SYN ******S*
May 4 04:52:25 217.37.10.225:4806 -> xxx.yyy.1.5:445 SYN ******S*
May 4 04:52:25 217.37.10.225:4807 -> xxx.yyy.1.6:445 SYN ******S*
May 4 04:52:25 217.37.10.225:4808 -> xxx.yyy.1.7:445 SYN ******S*
May 4 04:52:25 217.37.10.225:4809 -> xxx.yyy.1.8:445 SYN ******S*
[...]
May 4 05:03:24 217.37.10.225:3240 -> xxx.yyy.255.248:445 SYN ******S*
May 4 05:03:24 217.37.10.225:3237 -> xxx.yyy.255.245:445 SYN ******S*
May 4 05:03:24 217.37.10.225:3245 -> xxx.yyy.255.253:445 SYN ******S*
May 4 05:03:24 217.37.10.225:3241 -> xxx.yyy.255.249:445 SYN ******S*
May 4 05:03:24 217.37.10.225:3242 -> xxx.yyy.255.250:445 SYN ******S*
May 4 05:03:24 217.37.10.225:3238 -> xxx.yyy.255.246:445 SYN ******S*
May 4 05:03:24 217.37.10.225:3239 -> xxx.yyy.255.247:445 SYN ******S*
May 4 05:03:24 217.37.10.225:3243 -> xxx.yyy.255.251:445 SYN ******S*
67523

May 4 02:41:32 192.192.231.249:2838 -> xxx.yyy.1.1:1433 SYN ******S*
May 4 02:41:32 192.192.231.249:2839 -> xxx.yyy.1.2:1433 SYN ******S*
May 4 02:41:32 192.192.231.249:2840 -> xxx.yyy.1.3:1433 SYN ******S*
May 4 02:41:32 192.192.231.249:2841 -> xxx.yyy.1.4:1433 SYN ******S*
May 4 02:41:32 192.192.231.249:2842 -> xxx.yyy.1.5:1433 SYN ******S*
May 4 02:41:32 192.192.231.249:2843 -> xxx.yyy.1.6:1433 SYN ******S*
May 4 02:41:32 192.192.231.249:2844 -> xxx.yyy.1.7:1433 SYN ******S*
May 4 02:41:32 192.192.231.249:2845 -> xxx.yyy.1.8:1433 SYN ******S*
[...]
May 4 02:53:12 192.192.231.249:1503 -> xxx.yyy.255.244:1433 SYN ******S*
May 4 02:53:12 192.192.231.249:1504 -> xxx.yyy.255.245:1433 SYN ******S*
May 4 02:53:12 192.192.231.249:1505 -> xxx.yyy.255.246:1433 SYN ******S*
May 4 02:53:12 192.192.231.249:1506 -> xxx.yyy.255.247:1433 SYN ******S*
May 4 02:53:12 192.192.231.249:1507 -> xxx.yyy.255.248:1433 SYN ******S*
May 4 02:53:12 192.192.231.249:1508 -> xxx.yyy.255.249:1433 SYN ******S*
May 4 02:53:12 192.192.231.249:1509 -> xxx.yyy.255.250:1433 SYN ******S*
May 4 02:53:12 192.192.231.249:1510 -> xxx.yyy.255.251:1433 SYN ******S*
May 4 02:53:12 192.192.231.249:1513 -> xxx.yyy.255.254:1433 SYN ******S*
66133

May 4 02:34:59 64.239.82.23:3725 -> xxx.yyy.1.13:445 SYN ******S*
May 4 02:34:59 64.239.82.23:3737 -> xxx.yyy.1.25:445 SYN ******S*
May 4 02:34:59 64.239.82.23:3744 -> xxx.yyy.1.32:445 SYN ******S*
May 4 02:34:59 64.239.82.23:3745 -> xxx.yyy.1.33:445 SYN ******S*
May 4 02:34:59 64.239.82.23:3752 -> xxx.yyy.1.40:445 SYN ******S*
May 4 02:34:59 64.239.82.23:3753 -> xxx.yyy.1.41:445 SYN ******S*
May 4 02:34:56 64.239.82.23:3772 -> xxx.yyy.1.60:445 SYN ******S*
May 4 02:34:57 64.239.82.23:3823 -> xxx.yyy.1.111:445 SYN ******S*
[...]
May 4 02:47:18 64.239.82.23:1093 -> xxx.yyy.255.245:445 SYN ******S*
May 4 02:47:18 64.239.82.23:1090 -> xxx.yyy.255.242:445 SYN ******S*
May 4 02:47:18 64.239.82.23:1087 -> xxx.yyy.255.239:445 SYN ******S*
May 4 02:47:18 64.239.82.23:1100 -> xxx.yyy.255.252:445 SYN ******S*
May 4 02:47:18 64.239.82.23:1097 -> xxx.yyy.255.249:445 SYN ******S*
May 4 02:47:18 64.239.82.23:1098 -> xxx.yyy.255.250:445 SYN ******S*
May 4 02:47:18 64.239.82.23:1102 -> xxx.yyy.255.253:445 SYN ******S*
May 4 02:47:18 64.239.82.23:1103 -> xxx.yyy.255.254:445 SYN ******S*
May 4 02:47:18 64.239.82.23:1099 -> xxx.yyy.255.251:445 SYN ******S*
60469

May 4 15:31:29 24.130.133.159:22002 -> xxx.yyy.1.0:1080 SYN ******S*
May 4 15:31:29 24.130.133.159:22002 -> xxx.yyy.1.0:10080 SYN ******S*
May 4 15:31:29 24.130.133.159:22002 -> xxx.yyy.1.0:3128 SYN ******S*
May 4 15:31:29 24.130.133.159:22002 -> xxx.yyy.1.1:3127 SYN ******S*
May 4 15:31:30 24.130.133.159:22002 -> xxx.yyy.1.1:10080 SYN ******S*
May 4 15:31:30 24.130.133.159:22002 -> xxx.yyy.1.1:3128 SYN ******S*
May 4 15:31:31 24.130.133.159:22002 -> xxx.yyy.1.3:3127 SYN ******S*
May 4 15:31:31 24.130.133.159:22002 -> xxx.yyy.1.3:10080 SYN ******S*
[...]
May 4 23:03:44 24.130.133.159:22002 -> xxx.yyy.169.108:10080 SYN ******S*
May 4 23:03:44 24.130.133.159:22002 -> xxx.yyy.169.108:3128 SYN ******S*
May 4 23:03:45 24.130.133.159:22002 -> xxx.yyy.169.109:3127 SYN ******S*
May 4 23:03:45 24.130.133.159:22002 -> xxx.yyy.169.109:10080 SYN ******S*
May 4 23:03:45 24.130.133.159:22002 -> xxx.yyy.169.109:3128 SYN ******S*
May 4 23:03:46 24.130.133.159:22002 -> xxx.yyy.169.110:10080 SYN ******S*
May 4 23:03:46 24.130.133.159:22002 -> xxx.yyy.169.110:3128 SYN ******S*
May 4 23:03:46 24.130.133.159:22002 -> xxx.yyy.169.111:1080 SYN ******S*
58453

May 4 00:02:44 158.109.244.61:1390 -> xxx.yyy.1.81:139 SYN ******S*
May 4 00:02:44 158.109.244.61:1391 -> xxx.yyy.1.82:139 SYN ******S*
May 4 00:02:44 158.109.244.61:1392 -> xxx.yyy.1.83:139 SYN ******S*
May 4 00:02:44 158.109.244.61:1393 -> xxx.yyy.1.84:139 SYN ******S*
May 4 00:02:44 158.109.244.61:1394 -> xxx.yyy.1.85:139 SYN ******S*
May 4 00:02:47 158.109.244.61:1395 -> xxx.yyy.1.86:139 SYN ******S*
May 4 00:02:47 158.109.244.61:1396 -> xxx.yyy.1.87:139 SYN ******S*
May 4 00:02:46 158.109.244.61:1311 -> xxx.yyy.1.2:139 SYN ******S*
[...]
May 4 00:13:40 158.109.244.61:3883 -> xxx.yyy.255.183:139 SYN ******S*
May 4 00:13:40 158.109.244.61:3880 -> xxx.yyy.255.180:139 SYN ******S*
May 4 00:13:40 158.109.244.61:3881 -> xxx.yyy.255.181:139 SYN ******S*
May 4 00:13:40 158.109.244.61:3900 -> xxx.yyy.255.200:139 SYN ******S*
May 4 00:13:41 158.109.244.61:3943 -> xxx.yyy.255.243:139 SYN ******S*
May 4 00:13:41 158.109.244.61:3940 -> xxx.yyy.255.240:139 SYN ******S*
May 4 00:13:41 158.109.244.61:3944 -> xxx.yyy.255.244:139 SYN ******S*
May 4 00:13:41 158.109.244.61:3941 -> xxx.yyy.255.241:139 SYN ******S*
May 4 00:13:41 158.109.244.61:3952 -> xxx.yyy.255.252:139 SYN ******S*
54821

May 4 01:29:17 211.114.71.137:1866 -> xxx.yyy.1.1:8000 SYN ******S*
May 4 01:29:17 211.114.71.137:1867 -> xxx.yyy.1.2:8000 SYN ******S*
May 4 01:29:17 211.114.71.137:1868 -> xxx.yyy.1.3:8000 SYN ******S*
May 4 01:29:17 211.114.71.137:1869 -> xxx.yyy.1.4:8000 SYN ******S*
May 4 01:29:17 211.114.71.137:1870 -> xxx.yyy.1.5:8000 SYN ******S*
May 4 01:29:17 211.114.71.137:1873 -> xxx.yyy.1.8:8000 SYN ******S*
May 4 01:29:17 211.114.71.137:1874 -> xxx.yyy.1.9:8000 SYN ******S*
May 4 01:29:17 211.114.71.137:1875 -> xxx.yyy.1.10:8000 SYN ******S*
[...]
May 4 01:40:59 211.114.71.137:4264 -> xxx.yyy.255.249:8000 SYN ******S*
May 4 01:40:59 211.114.71.137:4267 -> xxx.yyy.255.252:8000 SYN ******S*
May 4 01:40:59 211.114.71.137:4261 -> xxx.yyy.255.246:8000 SYN ******S*
May 4 01:40:59 211.114.71.137:4266 -> xxx.yyy.255.251:8000 SYN ******S*
May 4 01:40:59 211.114.71.137:4260 -> xxx.yyy.255.245:8000 SYN ******S*
May 4 01:40:59 211.114.71.137:4265 -> xxx.yyy.255.250:8000 SYN ******S*
May 4 01:40:59 211.114.71.137:4262 -> xxx.yyy.255.247:8000 SYN ******S*
May 4 01:40:59 211.114.71.137:4263 -> xxx.yyy.255.248:8000 SYN ******S*
50412

May 4 08:30:59 24.30.20.217:3251 -> xxx.yyy.1.1:20168 SYN ******S*
May 4 08:30:58 24.30.20.217:3253 -> xxx.yyy.1.2:20168 SYN ******S*
May 4 08:30:58 24.30.20.217:3255 -> xxx.yyy.1.3:20168 SYN ******S*
May 4 08:30:58 24.30.20.217:3257 -> xxx.yyy.1.4:20168 SYN ******S*
May 4 08:31:01 24.30.20.217:3261 -> xxx.yyy.1.6:20168 SYN ******S*
May 4 08:30:58 24.30.20.217:3273 -> xxx.yyy.1.12:20168 SYN ******S*
May 4 08:30:58 24.30.20.217:3275 -> xxx.yyy.1.13:20168 SYN ******S*
May 4 08:30:59 24.30.20.217:3277 -> xxx.yyy.1.14:20168 SYN ******S*
[...]
May 4 08:43:12 24.30.20.217:1434 -> xxx.yyy.255.224:20168 SYN ******S*
May 4 08:43:12 24.30.20.217:1424 -> xxx.yyy.255.219:20168 SYN ******S*
May 4 08:43:12 24.30.20.217:1430 -> xxx.yyy.255.222:20168 SYN ******S*
May 4 08:43:12 24.30.20.217:1420 -> xxx.yyy.255.217:20168 SYN ******S*
May 4 08:43:13 24.30.20.217:1470 -> xxx.yyy.255.242:20168 SYN ******S*
May 4 08:43:13 24.30.20.217:1460 -> xxx.yyy.255.237:20168 SYN ******S*
May 4 08:43:13 24.30.20.217:1462 -> xxx.yyy.255.238:20168 SYN ******S*
May 4 08:43:13 24.30.20.217:1484 -> xxx.yyy.255.249:20168 SYN ******S*
May 4 08:43:13 24.30.20.217:1482 -> xxx.yyy.255.248:20168 SYN ******S*
48380

May 4 20:09:15 212.249.2.40:3768 -> xxx.yyy.1.1:139 SYN ******S*
May 4 20:09:18 212.249.2.40:3769 -> xxx.yyy.1.2:139 SYN ******S*
May 4 20:09:18 212.249.2.40:3773 -> xxx.yyy.1.6:139 SYN ******S*
May 4 20:09:18 212.249.2.40:3774 -> xxx.yyy.1.7:139 SYN ******S*
May 4 20:09:18 212.249.2.40:3778 -> xxx.yyy.1.11:139 SYN ******S*
May 4 20:09:15 212.249.2.40:3780 -> xxx.yyy.1.13:139 SYN ******S*
May 4 20:09:18 212.249.2.40:3781 -> xxx.yyy.1.14:139 SYN ******S*
May 4 20:09:18 212.249.2.40:3782 -> xxx.yyy.1.15:139 SYN ******S*
[...]
May 4 20:20:18 212.249.2.40:1241 -> xxx.yyy.255.230:139 SYN ******S*
May 4 20:20:18 212.249.2.40:1257 -> xxx.yyy.255.246:139 SYN ******S*
May 4 20:20:18 212.249.2.40:1250 -> xxx.yyy.255.239:139 SYN ******S*
May 4 20:20:18 212.249.2.40:1256 -> xxx.yyy.255.245:139 SYN ******S*
May 4 20:20:18 212.249.2.40:1251 -> xxx.yyy.255.240:139 SYN ******S*
May 4 20:20:18 212.249.2.40:1260 -> xxx.yyy.255.249:139 SYN ******S*
May 4 20:20:18 212.249.2.40:1264 -> xxx.yyy.255.252:139 SYN ******S*
May 4 20:20:18 212.249.2.40:1265 -> xxx.yyy.255.253:139 SYN ******S*
May 4 20:20:18 212.249.2.40:1266 -> xxx.yyy.255.254:139 SYN ******S*
47081

May 4 16:47:58 67.84.10.19:63800 -> xxx.yyy.1.1:6129 SYN ******S*
May 4 16:47:57 67.84.10.19:63802 -> xxx.yyy.1.2:6129 SYN ******S*
May 4 16:48:00 67.84.10.19:63803 -> xxx.yyy.1.3:6129 SYN ******S*
May 4 16:47:59 67.84.10.19:63987 -> xxx.yyy.1.4:6129 SYN ******S*
May 4 16:47:57 67.84.10.19:63805 -> xxx.yyy.1.5:6129 SYN ******S*
May 4 16:47:57 67.84.10.19:63807 -> xxx.yyy.1.7:6129 SYN ******S*
May 4 16:47:59 67.84.10.19:64000 -> xxx.yyy.1.8:6129 SYN ******S*
May 4 16:47:57 67.84.10.19:63809 -> xxx.yyy.1.9:6129 SYN ******S*
[...]
May 4 17:04:02 67.84.10.19:63057 -> xxx.yyy.255.135:6129 SYN ******S*
May 4 17:04:02 67.84.10.19:63052 -> xxx.yyy.255.131:6129 SYN ******S*
May 4 17:04:02 67.84.10.19:63065 -> xxx.yyy.255.143:6129 SYN ******S*
May 4 17:04:02 67.84.10.19:63075 -> xxx.yyy.255.151:6129 SYN ******S*
May 4 17:04:03 67.84.10.19:63818 -> xxx.yyy.255.239:6129 SYN ******S*
May 4 17:04:03 67.84.10.19:63218 -> xxx.yyy.255.225:6129 SYN ******S*
May 4 17:04:03 67.84.10.19:63851 -> xxx.yyy.255.235:6129 SYN ******S*
May 4 17:04:03 67.84.10.19:63231 -> xxx.yyy.255.237:6129 SYN ******S*
46011

May 4 09:04:01 208.46.103.15:1505 -> xxx.yyy.1.2:4898 SYN ******S*
May 4 09:04:01 208.46.103.15:1509 -> xxx.yyy.1.4:4898 SYN ******S*
May 4 09:04:04 208.46.103.15:1513 -> xxx.yyy.1.6:4898 SYN ******S*
May 4 09:04:01 208.46.103.15:1515 -> xxx.yyy.1.7:4898 SYN ******S*
May 4 09:04:02 208.46.103.15:1523 -> xxx.yyy.1.11:4898 SYN ******S*
May 4 09:04:04 208.46.103.15:1525 -> xxx.yyy.1.12:4898 SYN ******S*
May 4 09:04:01 208.46.103.15:1527 -> xxx.yyy.1.13:4898 SYN ******S*
May 4 09:04:02 208.46.103.15:1529 -> xxx.yyy.1.14:4898 SYN ******S*
[...]
May 4 09:15:52 208.46.103.15:2628 -> xxx.yyy.255.231:4898 SYN ******S*
May 4 09:15:52 208.46.103.15:2618 -> xxx.yyy.255.226:4898 SYN ******S*
May 4 09:15:52 208.46.103.15:2636 -> xxx.yyy.255.235:4898 SYN ******S*
May 4 09:15:52 208.46.103.15:2640 -> xxx.yyy.255.237:4898 SYN ******S*
May 4 09:15:52 208.46.103.15:2646 -> xxx.yyy.255.240:4898 SYN ******S*
May 4 09:15:52 208.46.103.15:2658 -> xxx.yyy.255.246:4898 SYN ******S*
May 4 09:15:52 208.46.103.15:2664 -> xxx.yyy.255.249:4898 SYN ******S*
May 4 09:15:52 208.46.103.15:2654 -> xxx.yyy.255.244:4898 SYN ******S*
May 4 09:15:52 208.46.103.15:2674 -> xxx.yyy.255.254:4898 SYN ******S*
41125

May 4 00:00:19 81.108.0.122:1106 -> xxx.yyy.165.61:2745 SYN ******S*
May 4 00:00:19 81.108.0.122:1109 -> xxx.yyy.165.61:445 SYN ******S*
May 4 00:00:19 81.108.0.122:1108 -> xxx.yyy.165.61:1025 SYN ******S*
May 4 00:00:19 81.108.0.122:1112 -> xxx.yyy.165.61:3127 SYN ******S*
May 4 00:00:19 81.108.0.122:1113 -> xxx.yyy.165.61:6129 SYN ******S*
May 4 00:00:21 81.108.0.122:1140 -> xxx.yyy.212.92:2745 SYN ******S*
May 4 00:00:19 81.108.0.122:4668 -> xxx.yyy.176.179:2745 SYN ******S*
May 4 00:00:25 81.108.0.122:1112 -> xxx.yyy.165.61:3127 SYN ******S*
[...]
May 4 15:16:16 81.108.0.122:2712 -> xxx.yyy.189.133:2745 SYN ******S*
May 4 15:16:30 81.108.0.122:2940 -> xxx.yyy.155.25:2745 SYN ******S*
May 4 15:16:28 81.108.0.122:2972 -> xxx.yyy.143.36:1025 SYN ******S*
May 4 15:16:31 81.108.0.122:2967 -> xxx.yyy.143.36:2745 SYN ******S*
May 4 15:16:31 81.108.0.122:2978 -> xxx.yyy.216.150:2745 SYN ******S*
May 4 15:16:31 81.108.0.122:2845 -> xxx.yyy.76.107:2745 SYN ******S*
May 4 15:16:36 81.108.0.122:2940 -> xxx.yyy.155.25:2745 SYN ******S*
May 4 15:16:37 81.108.0.122:2972 -> xxx.yyy.143.36:1025 SYN ******S*
38880

May 4 00:00:10 81.250.27.41:3040 -> xxx.yyy.69.159:2745 SYN ******S*
May 4 00:00:14 81.250.27.41:3250 -> xxx.yyy.199.149:2745 SYN ******S*
May 4 00:00:16 81.250.27.41:3277 -> xxx.yyy.186.134:2745 SYN ******S*
May 4 00:00:13 81.250.27.41:3221 -> xxx.yyy.153.116:2745 SYN ******S*
May 4 00:00:16 81.250.27.41:3292 -> xxx.yyy.80.14:2745 SYN ******S*
May 4 00:00:15 81.250.27.41:3319 -> xxx.yyy.10.49:2745 SYN ******S*
May 4 00:00:16 81.250.27.41:3341 -> xxx.yyy.234.90:2745 SYN ******S*
May 4 00:00:16 81.250.27.41:3346 -> xxx.yyy.106.219:2745 SYN ******S*
[...]
May 4 09:23:42 81.250.27.41:1744 -> xxx.yyy.65.132:2745 SYN ******S*
May 4 09:23:45 81.250.27.41:1747 -> xxx.yyy.65.132:1025 SYN ******S*
May 4 09:23:50 81.250.27.41:1843 -> xxx.yyy.164.65:2745 SYN ******S*
May 4 09:23:50 81.250.27.41:1741 -> xxx.yyy.181.93:2745 SYN ******S*
May 4 09:23:51 81.250.27.41:1747 -> xxx.yyy.65.132:1025 SYN ******S*
May 4 09:23:51 81.250.27.41:1744 -> xxx.yyy.65.132:2745 SYN ******S*
May 4 09:23:55 81.250.27.41:1942 -> xxx.yyy.254.99:2745 SYN ******S*
May 4 09:23:52 81.250.27.41:1944 -> xxx.yyy.254.99:1025 SYN ******S*
May 4 09:23:56 81.250.27.41:1843 -> xxx.yyy.164.65:2745 SYN ******S*
35862

May 4 00:00:04 166.122.235.119:22002 -> xxx.yyy.217.182:1080 SYN ******S*
May 4 00:00:04 166.122.235.119:22002 -> xxx.yyy.217.182:10080 SYN ******S*
May 4 00:00:04 166.122.235.119:22002 -> xxx.yyy.217.182:3128 SYN ******S*
May 4 00:00:04 166.122.235.119:22002 -> xxx.yyy.217.183:3127 SYN ******S*
May 4 00:00:05 166.122.235.119:22002 -> xxx.yyy.217.183:1080 SYN ******S*
May 4 00:00:05 166.122.235.119:22002 -> xxx.yyy.217.183:10080 SYN ******S*
May 4 00:00:05 166.122.235.119:22002 -> xxx.yyy.217.183:3128 SYN ******S*
May 4 00:00:05 166.122.235.119:22002 -> xxx.yyy.217.184:3127 SYN ******S*
[...]
May 4 01:11:47 166.122.235.119:22002 -> xxx.yyy.255.252:1080 SYN ******S*
May 4 01:11:47 166.122.235.119:22002 -> xxx.yyy.255.252:10080 SYN ******S*
May 4 01:11:48 166.122.235.119:22002 -> xxx.yyy.255.253:3127 SYN ******S*
May 4 01:11:48 166.122.235.119:22002 -> xxx.yyy.255.253:1080 SYN ******S*
May 4 01:11:48 166.122.235.119:22002 -> xxx.yyy.255.253:10080 SYN ******S*
May 4 01:11:48 166.122.235.119:22002 -> xxx.yyy.255.253:3128 SYN ******S*
May 4 01:11:48 166.122.235.119:22002 -> xxx.yyy.255.254:3127 SYN ******S*
May 4 01:11:48 166.122.235.119:22002 -> xxx.yyy.255.254:1080 SYN ******S*
May 4 01:11:48 166.122.235.119:22002 -> xxx.yyy.255.254:10080 SYN ******S*
33066

May 4 22:47:51 62.34.90.67:3923 -> xxx.yyy.1.1:21 SYN ******S*
May 4 22:47:51 62.34.90.67:3924 -> xxx.yyy.1.2:21 SYN ******S*
May 4 22:47:50 62.34.90.67:3926 -> xxx.yyy.1.4:21 SYN ******S*
May 4 22:47:50 62.34.90.67:3928 -> xxx.yyy.1.6:21 SYN ******S*
May 4 22:47:50 62.34.90.67:3929 -> xxx.yyy.1.7:21 SYN ******S*
May 4 22:47:50 62.34.90.67:3930 -> xxx.yyy.1.8:21 SYN ******S*
May 4 22:47:53 62.34.90.67:3933 -> xxx.yyy.1.11:21 SYN ******S*
May 4 22:47:50 62.34.90.67:3934 -> xxx.yyy.1.12:21 SYN ******S*
[...]
May 4 23:55:36 62.34.90.67:1179 -> xxx.yyy.255.249:21 SYN ******S*
May 4 23:55:36 62.34.90.67:1176 -> xxx.yyy.255.246:21 SYN ******S*
May 4 23:55:36 62.34.90.67:1160 -> xxx.yyy.255.230:21 SYN ******S*
May 4 23:55:36 62.34.90.67:1157 -> xxx.yyy.255.227:21 SYN ******S*
May 4 23:55:36 62.34.90.67:1173 -> xxx.yyy.255.243:21 SYN ******S*
May 4 23:55:36 62.34.90.67:1170 -> xxx.yyy.255.240:21 SYN ******S*
May 4 23:55:36 62.34.90.67:1154 -> xxx.yyy.255.224:21 SYN ******S*
May 4 23:55:36 62.34.90.67:1167 -> xxx.yyy.255.237:21 SYN ******S*
May 4 23:55:36 62.34.90.67:1151 -> xxx.yyy.255.221:21 SYN ******S*
28926

May 4 11:25:49 213.47.16.208:22002 -> xxx.yyy.1.0:10080 SYN ******S*
May 4 11:25:49 213.47.16.208:22002 -> xxx.yyy.1.1:1080 SYN ******S*
May 4 11:25:50 213.47.16.208:22002 -> xxx.yyy.1.2:3128 SYN ******S*
May 4 11:25:50 213.47.16.208:22002 -> xxx.yyy.1.3:3128 SYN ******S*
May 4 11:25:50 213.47.16.208:22002 -> xxx.yyy.1.4:1080 SYN ******S*
May 4 11:25:50 213.47.16.208:22002 -> xxx.yyy.1.4:3127 SYN ******S*
May 4 11:25:51 213.47.16.208:22002 -> xxx.yyy.1.5:3128 SYN ******S*
May 4 11:25:51 213.47.16.208:22002 -> xxx.yyy.1.6:1080 SYN ******S*
[...]
May 4 15:35:52 213.47.16.208:22002 -> xxx.yyy.135.130:1080 SYN ******S*
May 4 15:35:52 213.47.16.208:22002 -> xxx.yyy.135.130:10080 SYN ******S*
May 4 15:35:52 213.47.16.208:22002 -> xxx.yyy.135.131:3127 SYN ******S*
May 4 15:35:52 213.47.16.208:22002 -> xxx.yyy.135.131:10080 SYN ******S*
May 4 15:35:52 213.47.16.208:22002 -> xxx.yyy.135.131:3128 SYN ******S*
May 4 15:35:52 213.47.16.208:22002 -> xxx.yyy.135.132:1080 SYN ******S*
May 4 15:35:53 213.47.16.208:22002 -> xxx.yyy.135.132:3128 SYN ******S*
May 4 15:35:53 213.47.16.208:22002 -> xxx.yyy.135.133:3127 SYN ******S*
May 4 15:35:53 213.47.16.208:22002 -> xxx.yyy.135.134:3127 SYN ******S*
27965

[...]
14635

May 4 00:01:16 193.129.76.82:32756 -> xxx.yyy.253.186:2745 SYN ******S*
May 4 00:01:14 193.129.76.82:54820 -> xxx.yyy.255.161:2745 SYN ******S*
May 4 00:01:15 193.129.76.82:14437 -> xxx.yyy.206.38:2745 SYN ******S*
May 4 00:01:15 193.129.76.82:19609 -> xxx.yyy.206.38:1025 SYN ******S*
May 4 00:01:15 193.129.76.82:16940 -> xxx.yyy.206.38:445 SYN ******S*
May 4 00:01:13 193.129.76.82:11366 -> xxx.yyy.217.37:2745 SYN ******S*
May 4 00:01:14 193.129.76.82:1697 -> xxx.yyy.147.184:2745 SYN ******S*
May 4 00:01:15 193.129.76.82:4788 -> xxx.yyy.182.96:2745 SYN ******S*
[...]
May 4 06:02:28 193.129.76.82:30564 -> xxx.yyy.144.177:2745 SYN ******S*
May 4 06:02:28 193.129.76.82:63425 -> xxx.yyy.185.229:2745 SYN ******S*
May 4 06:02:29 193.129.76.82:27366 -> xxx.yyy.159.148:445 SYN ******S*
May 4 06:02:29 193.129.76.82:55969 -> xxx.yyy.159.148:1025 SYN ******S*
May 4 06:02:29 193.129.76.82:5472 -> xxx.yyy.159.148:2745 SYN ******S*
May 4 06:02:29 193.129.76.82:63783 -> xxx.yyy.159.148:139 SYN ******S*
May 4 06:02:29 193.129.76.82:48002 -> xxx.yyy.159.148:6129 SYN ******S*
May 4 06:02:29 193.129.76.82:22822 -> xxx.yyy.159.148:3127 SYN ******S*
12264

May 4 19:42:37 66.14.222.126:27684 -> xxx.yyy.10.238:445 SYN ******S*
May 4 19:42:37 66.14.222.126:27687 -> xxx.yyy.10.244:445 SYN ******S*
May 4 19:42:40 66.14.222.126:27736 -> xxx.yyy.10.247:445 SYN ******S*
May 4 19:42:40 66.14.222.126:27739 -> xxx.yyy.10.239:445 SYN ******S*
May 4 19:42:37 66.14.222.126:27970 -> xxx.yyy.10.251:445 SYN ******S*
May 4 19:42:40 66.14.222.126:27971 -> xxx.yyy.10.252:445 SYN ******S*
May 4 19:42:37 66.14.222.126:27973 -> xxx.yyy.10.240:445 SYN ******S*
May 4 19:42:38 66.14.222.126:27983 -> xxx.yyy.11.1:445 SYN ******S*
[...]
May 4 23:59:36 66.14.222.126:6379 -> xxx.yyy.111.242:445 SYN ******S*
May 4 23:59:36 66.14.222.126:6418 -> xxx.yyy.111.243:445 SYN ******S*
May 4 23:59:36 66.14.222.126:6419 -> xxx.yyy.111.246:445 SYN ******S*
May 4 23:59:36 66.14.222.126:6420 -> xxx.yyy.111.247:445 SYN ******S*
May 4 23:59:36 66.14.222.126:6421 -> xxx.yyy.111.249:445 SYN ******S*
May 4 23:59:36 66.14.222.126:6423 -> xxx.yyy.111.250:445 SYN ******S*
May 4 23:59:36 66.14.222.126:6470 -> xxx.yyy.111.248:445 SYN ******S*
May 4 23:59:36 66.14.222.126:8103 -> xxx.yyy.111.254:445 SYN ******S*
May 4 23:59:36 66.14.222.126:8225 -> xxx.yyy.111.255:445 SYN ******S*
12006

May 4 00:01:39 202.108.87.100:2405 -> xxx.yyy.160.210:2745 SYN ******S*
May 4 00:01:44 202.108.87.100:2580 -> xxx.yyy.86.31:2745 SYN ******S*
May 4 00:01:41 202.108.87.100:2536 -> xxx.yyy.128.52:2745 SYN ******S*
May 4 00:01:42 202.108.87.100:2449 -> xxx.yyy.194.2:2745 SYN ******S*
May 4 00:01:45 202.108.87.100:2610 -> xxx.yyy.212.9:2745 SYN ******S*
May 4 00:01:42 202.108.87.100:2615 -> xxx.yyy.214.207:2745 SYN ******S*
May 4 00:01:43 202.108.87.100:2468 -> xxx.yyy.220.16:2745 SYN ******S*
May 4 00:01:46 202.108.87.100:2615 -> xxx.yyy.214.207:2745 SYN ******S*
[...]
May 4 23:53:01 202.108.87.100:1419 -> xxx.yyy.254.92:2745 SYN ******S*
May 4 23:53:05 202.108.87.100:1469 -> xxx.yyy.13.76:2745 SYN ******S*
May 4 23:53:06 202.108.87.100:1381 -> xxx.yyy.235.21:2745 SYN ******S*
May 4 23:53:08 202.108.87.100:1419 -> xxx.yyy.254.92:2745 SYN ******S*
May 4 23:53:11 202.108.87.100:1568 -> xxx.yyy.162.111:2745 SYN ******S*
May 4 23:53:12 202.108.87.100:1469 -> xxx.yyy.13.76:2745 SYN ******S*
May 4 23:53:17 202.108.87.100:1568 -> xxx.yyy.162.111:2745 SYN ******S*
May 4 23:53:18 202.108.87.100:1710 -> xxx.yyy.104.39:2745 SYN ******S*
9681

May 4 00:00:11 65.195.133.120:1988 -> xxx.yyy.222.220:2745 SYN ******S*
May 4 00:00:14 65.195.133.120:2276 -> xxx.yyy.87.164:2745 SYN ******S*
May 4 00:00:14 65.195.133.120:2277 -> xxx.yyy.87.164:1025 SYN ******S*
May 4 00:00:17 65.195.133.120:2389 -> xxx.yyy.216.234:2745 SYN ******S*
May 4 00:00:14 65.195.133.120:2407 -> xxx.yyy.173.211:2745 SYN ******S*
May 4 00:00:21 65.195.133.120:2557 -> xxx.yyy.214.236:2745 SYN ******S*
May 4 00:00:20 65.195.133.120:2615 -> xxx.yyy.16.161:1025 SYN ******S*
May 4 00:00:22 65.195.133.120:2600 -> xxx.yyy.80.251:6129 SYN ******S*
[...]
May 4 23:57:37 65.195.133.120:62878 -> xxx.yyy.149.204:2745 SYN ******S*
May 4 23:57:41 65.195.133.120:63166 -> xxx.yyy.86.48:2745 SYN ******S*
May 4 23:57:42 65.195.133.120:63031 -> xxx.yyy.107.88:2745 SYN ******S*
May 4 23:57:42 65.195.133.120:63045 -> xxx.yyy.105.145:2745 SYN ******S*
May 4 23:57:43 65.195.133.120:63049 -> xxx.yyy.106.166:2745 SYN ******S*
May 4 23:57:45 65.195.133.120:63328 -> xxx.yyy.130.22:2745 SYN ******S*
May 4 23:57:45 65.195.133.120:63358 -> xxx.yyy.252.5:2745 SYN ******S*
May 4 23:57:47 65.195.133.120:63166 -> xxx.yyy.86.48:2745 SYN ******S*
May 4 23:57:48 65.195.133.120:63358 -> xxx.yyy.252.5:2745 SYN ******S*
8275

May 4 00:03:33 81.66.204.160:1763 -> xxx.yyy.105.247:2745 SYN ******S*
May 4 00:03:33 81.66.204.160:1649 -> xxx.yyy.68.161:2745 SYN ******S*
May 4 00:03:35 81.66.204.160:1796 -> xxx.yyy.221.136:2745 SYN ******S*
May 4 00:03:35 81.66.204.160:1798 -> xxx.yyy.221.136:1025 SYN ******S*
May 4 00:03:34 81.66.204.160:1676 -> xxx.yyy.13.40:2745 SYN ******S*
May 4 00:03:39 81.66.204.160:1763 -> xxx.yyy.105.247:2745 SYN ******S*
May 4 00:03:41 81.66.204.160:1933 -> xxx.yyy.152.65:2745 SYN ******S*
May 4 00:03:41 81.66.204.160:1796 -> xxx.yyy.221.136:2745 SYN ******S*
[...]
May 4 14:44:23 81.66.204.160:3846 -> xxx.yyy.132.135:1025 SYN ******S*
May 4 14:44:23 81.66.204.160:3844 -> xxx.yyy.132.135:2745 SYN ******S*
May 4 14:44:24 81.66.204.160:3707 -> xxx.yyy.245.189:2745 SYN ******S*
May 4 14:48:15 81.66.204.160:2754 -> xxx.yyy.222.201:2745 SYN ******S*
May 4 14:48:15 81.66.204.160:2756 -> xxx.yyy.222.201:1025 SYN ******S*
May 4 14:48:17 81.66.204.160:2787 -> xxx.yyy.73.60:1025 SYN ******S*
May 4 14:48:17 81.66.204.160:2785 -> xxx.yyy.73.60:2745 SYN ******S*
May 4 14:48:18 81.66.204.160:3065 -> xxx.yyy.216.61:2745 SYN ******S*
May 4 14:48:23 81.66.204.160:3151 -> xxx.yyy.254.1:2745 SYN ******S*
8013

May 4 00:01:01 221.10.44.93:39892 -> xxx.yyy.175.179:2745 SYN ******S*
May 4 00:01:05 221.10.44.93:51129 -> xxx.yyy.91.18:1025 SYN ******S*
May 4 00:01:05 221.10.44.93:51158 -> xxx.yyy.91.18:5000 SYN ******S*
May 4 00:01:05 221.10.44.93:60566 -> xxx.yyy.91.18:80 SYN ******S*
May 4 00:01:05 221.10.44.93:51146 -> xxx.yyy.91.18:3127 SYN ******S*
May 4 00:01:05 221.10.44.93:40978 -> xxx.yyy.91.18:6129 SYN ******S*
May 4 00:01:05 221.10.44.93:60565 -> xxx.yyy.91.18:2745 SYN ******S*
May 4 00:01:02 221.10.44.93:59892 -> xxx.yyy.83.39:2745 SYN ******S*
[...]
May 4 23:58:22 221.10.44.93:13188 -> xxx.yyy.15.136:2745 SYN ******S*
May 4 23:58:24 221.10.44.93:51396 -> xxx.yyy.160.141:2745 SYN ******S*
May 4 23:58:24 221.10.44.93:6333 -> xxx.yyy.69.249:2745 SYN ******S*
May 4 23:58:21 221.10.44.93:5950 -> xxx.yyy.91.58:2745 SYN ******S*
May 4 23:58:25 221.10.44.93:51127 -> xxx.yyy.187.46:2745 SYN ******S*
May 4 23:58:29 221.10.44.93:13188 -> xxx.yyy.15.136:2745 SYN ******S*
May 4 23:58:30 221.10.44.93:51396 -> xxx.yyy.160.141:2745 SYN ******S*
May 4 23:58:30 221.10.44.93:6333 -> xxx.yyy.69.249:2745 SYN ******S*
May 4 23:58:31 221.10.44.93:51839 -> xxx.yyy.20.203:2745 SYN ******S*
7821

May 4 00:02:35 83.35.14.220:4215 -> xxx.yyy.247.226:2745 SYN ******S*
May 4 00:02:35 83.35.14.220:4228 -> xxx.yyy.234.41:2745 SYN ******S*
May 4 00:02:36 83.35.14.220:4250 -> xxx.yyy.142.1:1025 SYN ******S*
May 4 00:02:36 83.35.14.220:4244 -> xxx.yyy.142.1:2745 SYN ******S*
May 4 00:02:38 83.35.14.220:4373 -> xxx.yyy.155.218:2745 SYN ******S*
May 4 00:02:45 83.35.14.220:4326 -> xxx.yyy.198.127:2745 SYN ******S*
May 4 00:02:46 83.35.14.220:4373 -> xxx.yyy.155.218:2745 SYN ******S*
May 4 00:02:47 83.35.14.220:4966 -> xxx.yyy.224.211:2745 SYN ******S*
[...]
May 4 07:47:02 83.35.14.220:3574 -> xxx.yyy.210.136:2745 SYN ******S*
May 4 07:47:04 83.35.14.220:3306 -> xxx.yyy.232.228:2745 SYN ******S*
May 4 07:47:06 83.35.14.220:3991 -> xxx.yyy.12.210:2745 SYN ******S*
May 4 07:47:06 83.35.14.220:3506 -> xxx.yyy.227.80:2745 SYN ******S*
May 4 07:47:06 83.35.14.220:3510 -> xxx.yyy.187.108:2745 SYN ******S*
May 4 07:47:06 83.35.14.220:3516 -> xxx.yyy.228.51:2745 SYN ******S*
May 4 07:47:07 83.35.14.220:3574 -> xxx.yyy.210.136:2745 SYN ******S*
May 4 07:47:09 83.35.14.220:3991 -> xxx.yyy.12.210:2745 SYN ******S*
5778

[...]
4818

May 4 00:00:52 65.100.122.132:81 -> xxx.yyy.70.168:4615 INVALIDACK ***A*R*F
May 4 00:01:01 65.100.122.132:81 -> xxx.yyy.70.168:4615 INVALIDACK ***A*R*F
May 4 00:01:14 65.100.122.132:81 -> xxx.yyy.73.202:2353 INVALIDACK ***A*R*F
May 4 00:01:16 65.100.122.132:81 -> xxx.yyy.71.21:4052 INVALIDACK ***A*R*F
May 4 00:01:17 65.100.122.132:81 -> xxx.yyy.71.21:4052 INVALIDACK ***A*R*F
May 4 00:01:38 65.100.122.132:81 -> xxx.yyy.68.29:1663 INVALIDACK ***A*R*F
May 4 00:03:21 65.100.122.132:81 -> xxx.yyy.73.193:4791 INVALIDACK ***A*R*F
May 4 00:03:43 65.100.122.132:81 -> xxx.yyy.68.29:1952 INVALIDACK ***A*R*F
[...]
May 4 23:57:51 65.100.122.132:81 -> xxx.yyy.67.176:1648 INVALIDACK ***A*R*F
May 4 23:58:32 65.100.122.132:81 -> xxx.yyy.67.193:4725 INVALIDACK ***A*R*F
May 4 23:58:31 65.100.122.132:81 -> xxx.yyy.67.133:1134 INVALIDACK ***A*R*F
May 4 23:58:48 65.100.122.132:81 -> xxx.yyy.67.176:1788 INVALIDACK ***A*R*F
May 4 23:59:27 65.100.122.132:81 -> xxx.yyy.67.203:1672 INVALIDACK ***A*R*F
May 4 23:59:45 65.100.122.132:81 -> xxx.yyy.84.178:3923 INVALIDACK ***A*R*F
May 4 23:59:53 65.100.122.132:81 -> xxx.yyy.80.253:4521 INVALIDACK ***A*R*F
May 4 23:59:55 65.100.122.132:81 -> xxx.yyy.80.253:4522 INVALIDACK ***A*R*F
4809

--
- Ken
===========================================================================
Ken Connelly (KC152) Systems and Operations Manager, ITS - Network Services
University of Northern Iowa Cedar Falls, IA 50614-0121
email: Ken.Connelly@xxxxxxx phone: (319) 273-5850 fax: (319) 273-7373
_______________________________________________
Intrusions mailing list
Intrusions@xxxxxxxxxxxxxx
http://www.dshield.org/mailman/listinfo/intrusions
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  LOGS: GIAC GCIA Version 3.4 Practical Detect (Dana Webber): 00006, Dana Webber
Next by Date:  Excessively large URI attacks: 00006, Barry Fitzgerald
Previous by Thread:  [LOGS] Summary of large-scale portscanning detectsi: 00006, Ken . Connelly
Next by Thread:  [LOGS] Summary of large-scale portscanning detects: 00006, Ken . Connelly
Indexes:  [Date] [Thread] [Top] [All Lists]

Google Custom Search
News | FAQ | advertise