logo       
<prev   next>

[LOGS] Summary of large-scale portscanning detects: msg#00011

security.intrusions

Subject: [LOGS] Summary of large-scale portscanning detects

The following extracts show the beginning and ending of scan activity
was detected on my network. The number following each set is the total
number of probes for that source. Timestamps are GMT-0500.

May 5 07:47:20 80.200.150.98:2607 -> xxx.yyy.246.126:139 SYN ******S*
May 5 07:47:17 80.200.150.98:2611 -> xxx.yyy.236.253:139 SYN ******S*
May 5 07:47:20 80.200.150.98:2613 -> xxx.yyy.227.124:139 SYN ******S*
May 5 07:47:20 80.200.150.98:2617 -> xxx.yyy.208.122:139 SYN ******S*
May 5 07:47:20 80.200.150.98:2621 -> xxx.yyy.198.249:139 SYN ******S*
May 5 07:47:20 80.200.150.98:2624 -> xxx.yyy.170.118:139 SYN ******S*
May 5 07:47:20 80.200.150.98:2625 -> xxx.yyy.160.245:139 SYN ******S*
May 5 07:47:18 80.200.150.98:2626 -> xxx.yyy.151.116:139 SYN ******S*
[...]
May 5 10:04:26 80.200.150.98:3644 -> xxx.yyy.151.210:445 SYN ******S*
May 5 10:04:26 80.200.150.98:3657 -> xxx.yyy.142.238:445 SYN ******S*
May 5 10:04:26 80.200.150.98:3658 -> xxx.yyy.189.57:445 SYN ******S*
May 5 10:04:26 80.200.150.98:3671 -> xxx.yyy.133.109:445 SYN ******S*
May 5 10:04:26 80.200.150.98:3683 -> xxx.yyy.152.111:445 SYN ******S*
May 5 10:04:27 80.200.150.98:3694 -> xxx.yyy.75.202:445 SYN ******S*
May 5 10:04:27 80.200.150.98:3701 -> xxx.yyy.246.63:445 SYN ******S*
May 5 10:04:27 80.200.150.98:3710 -> xxx.yyy.132.51:445 SYN ******S*
86034

May 5 02:35:23 81.61.41.187:1109 -> xxx.yyy.1.1:139 SYN ******S*
May 5 02:35:23 81.61.41.187:1110 -> xxx.yyy.1.4:445 SYN ******S*
May 5 02:35:23 81.61.41.187:1111 -> xxx.yyy.1.4:139 SYN ******S*
May 5 02:35:21 81.61.41.187:1112 -> xxx.yyy.1.5:445 SYN ******S*
May 5 02:35:24 81.61.41.187:1113 -> xxx.yyy.1.5:139 SYN ******S*
May 5 02:35:24 81.61.41.187:1114 -> xxx.yyy.1.6:445 SYN ******S*
May 5 02:35:24 81.61.41.187:1115 -> xxx.yyy.1.6:139 SYN ******S*
May 5 02:35:22 81.61.41.187:1117 -> xxx.yyy.1.7:445 SYN ******S*
[...]
May 5 14:21:22 81.61.41.187:1615 -> xxx.yyy.166.42:139 SYN ******S*
May 5 14:21:21 81.61.41.187:1612 -> xxx.yyy.166.41:139 SYN ******S*
May 5 14:21:21 81.61.41.187:1600 -> xxx.yyy.166.35:139 SYN ******S*
May 5 14:21:21 81.61.41.187:1599 -> xxx.yyy.166.35:445 SYN ******S*
May 5 14:21:23 81.61.41.187:1604 -> xxx.yyy.166.37:139 SYN ******S*
May 5 14:21:24 81.61.41.187:1605 -> xxx.yyy.166.38:445 SYN ******S*
May 5 14:21:25 81.61.41.187:1607 -> xxx.yyy.166.39:445 SYN ******S*
May 5 14:21:26 81.61.41.187:1610 -> xxx.yyy.166.40:139 SYN ******S*
May 5 14:21:27 81.61.41.187:1614 -> xxx.yyy.166.42:445 SYN ******S*
80315

May 5 07:32:15 134.169.192.7:2844 -> xxx.yyy.1.1:8000 SYN ******S*
May 5 07:32:15 134.169.192.7:2845 -> xxx.yyy.1.2:8000 SYN ******S*
May 5 07:32:14 134.169.192.7:2846 -> xxx.yyy.1.3:8000 SYN ******S*
May 5 07:32:14 134.169.192.7:2847 -> xxx.yyy.1.4:8000 SYN ******S*
May 5 07:32:17 134.169.192.7:2848 -> xxx.yyy.1.5:8000 SYN ******S*
May 5 07:32:17 134.169.192.7:2849 -> xxx.yyy.1.6:8000 SYN ******S*
May 5 07:32:17 134.169.192.7:2850 -> xxx.yyy.1.7:8000 SYN ******S*
May 5 07:32:17 134.169.192.7:2851 -> xxx.yyy.1.8:8000 SYN ******S*
[...]
May 5 07:43:55 134.169.192.7:1539 -> xxx.yyy.255.237:8000 SYN ******S*
May 5 07:43:55 134.169.192.7:1549 -> xxx.yyy.255.247:8000 SYN ******S*
May 5 07:43:55 134.169.192.7:1553 -> xxx.yyy.255.251:8000 SYN ******S*
May 5 07:43:55 134.169.192.7:1550 -> xxx.yyy.255.248:8000 SYN ******S*
May 5 07:43:55 134.169.192.7:1548 -> xxx.yyy.255.246:8000 SYN ******S*
May 5 07:43:55 134.169.192.7:1554 -> xxx.yyy.255.252:8000 SYN ******S*
May 5 07:43:55 134.169.192.7:1555 -> xxx.yyy.255.253:8000 SYN ******S*
May 5 07:43:55 134.169.192.7:1552 -> xxx.yyy.255.250:8000 SYN ******S*
May 5 07:43:55 134.169.192.7:1551 -> xxx.yyy.255.249:8000 SYN ******S*
64271

May 5 01:29:39 218.59.159.68:2547 -> xxx.yyy.1.1:443 SYN ******S*
May 5 01:29:39 218.59.159.68:2548 -> xxx.yyy.1.2:443 SYN ******S*
May 5 01:29:40 218.59.159.68:2549 -> xxx.yyy.1.3:443 SYN ******S*
May 5 01:29:40 218.59.159.68:2550 -> xxx.yyy.1.4:443 SYN ******S*
May 5 01:29:40 218.59.159.68:2551 -> xxx.yyy.1.5:443 SYN ******S*
May 5 01:29:40 218.59.159.68:2552 -> xxx.yyy.1.6:443 SYN ******S*
May 5 01:29:40 218.59.159.68:2553 -> xxx.yyy.1.7:443 SYN ******S*
May 5 01:29:37 218.59.159.68:2554 -> xxx.yyy.1.8:443 SYN ******S*
[...]
May 5 01:42:07 218.59.159.68:2026 -> xxx.yyy.255.249:443 SYN ******S*
May 5 01:42:07 218.59.159.68:2028 -> xxx.yyy.255.251:443 SYN ******S*
May 5 01:42:07 218.59.159.68:2029 -> xxx.yyy.255.252:443 SYN ******S*
May 5 01:42:07 218.59.159.68:2030 -> xxx.yyy.255.253:443 SYN ******S*
May 5 01:42:07 218.59.159.68:2024 -> xxx.yyy.255.247:443 SYN ******S*
May 5 01:42:07 218.59.159.68:2031 -> xxx.yyy.255.254:443 SYN ******S*
May 5 01:42:07 218.59.159.68:2027 -> xxx.yyy.255.250:443 SYN ******S*
May 5 01:42:07 218.59.159.68:2025 -> xxx.yyy.255.248:443 SYN ******S*
62974

May 5 19:22:17 213.97.37.236:49879 -> xxx.yyy.1.1:445 SYN ******S*
May 5 19:22:14 213.97.37.236:49880 -> xxx.yyy.1.2:445 SYN ******S*
May 5 19:22:14 213.97.37.236:49882 -> xxx.yyy.1.4:445 SYN ******S*
May 5 19:22:17 213.97.37.236:49883 -> xxx.yyy.1.5:445 SYN ******S*
May 5 19:22:17 213.97.37.236:49885 -> xxx.yyy.1.7:445 SYN ******S*
May 5 19:22:17 213.97.37.236:49886 -> xxx.yyy.1.8:445 SYN ******S*
May 5 19:22:14 213.97.37.236:49887 -> xxx.yyy.1.9:445 SYN ******S*
May 5 19:22:14 213.97.37.236:49888 -> xxx.yyy.1.10:445 SYN ******S*
[...]
May 5 19:34:01 213.97.37.236:52784 -> xxx.yyy.255.199:445 SYN ******S*
May 5 19:34:01 213.97.37.236:52793 -> xxx.yyy.255.208:445 SYN ******S*
May 5 19:34:01 213.97.37.236:52796 -> xxx.yyy.255.211:445 SYN ******S*
May 5 19:34:01 213.97.37.236:52808 -> xxx.yyy.255.223:445 SYN ******S*
May 5 19:34:01 213.97.37.236:52809 -> xxx.yyy.255.224:445 SYN ******S*
May 5 19:34:01 213.97.37.236:52820 -> xxx.yyy.255.235:445 SYN ******S*
May 5 19:34:01 213.97.37.236:52819 -> xxx.yyy.255.234:445 SYN ******S*
May 5 19:34:01 213.97.37.236:52831 -> xxx.yyy.255.246:445 SYN ******S*
May 5 19:34:01 213.97.37.236:52834 -> xxx.yyy.255.249:445 SYN ******S*
53391

May 5 00:36:17 66.14.222.126:26724 -> xxx.yyy.128.4:445 SYN ******S*
May 5 00:36:17 66.14.222.126:26733 -> xxx.yyy.128.1:445 SYN ******S*
May 5 00:36:17 66.14.222.126:26732 -> xxx.yyy.128.5:445 SYN ******S*
May 5 00:36:14 66.14.222.126:26366 -> xxx.yyy.128.2:445 SYN ******S*
May 5 00:36:15 66.14.222.126:26789 -> xxx.yyy.128.6:445 SYN ******S*
May 5 00:36:15 66.14.222.126:26791 -> xxx.yyy.128.3:445 SYN ******S*
May 5 00:36:15 66.14.222.126:26792 -> xxx.yyy.128.0:445 SYN ******S*
May 5 00:36:18 66.14.222.126:26784 -> xxx.yyy.128.2:445 SYN ******S*
[...]
May 5 06:02:56 66.14.222.126:14636 -> xxx.yyy.255.237:445 SYN ******S*
May 5 06:02:56 66.14.222.126:14638 -> xxx.yyy.255.254:445 SYN ******S*
May 5 06:02:56 66.14.222.126:14674 -> xxx.yyy.255.250:445 SYN ******S*
May 5 06:02:56 66.14.222.126:14737 -> xxx.yyy.255.233:445 SYN ******S*
May 5 06:02:56 66.14.222.126:14743 -> xxx.yyy.255.249:445 SYN ******S*
May 5 06:02:56 66.14.222.126:14745 -> xxx.yyy.255.241:445 SYN ******S*
May 5 06:02:56 66.14.222.126:14752 -> xxx.yyy.255.238:445 SYN ******S*
May 5 06:02:56 66.14.222.126:14753 -> xxx.yyy.255.242:445 SYN ******S*
May 5 06:02:58 66.14.222.126:14758 -> xxx.yyy.255.244:445 SYN ******S*
51507

May 5 13:14:47 63.166.255.24:1130 -> xxx.yyy.1.2:139 SYN ******S*
May 5 13:14:47 63.166.255.24:1132 -> xxx.yyy.1.4:139 SYN ******S*
May 5 13:14:45 63.166.255.24:1134 -> xxx.yyy.1.6:139 SYN ******S*
May 5 13:14:48 63.166.255.24:1135 -> xxx.yyy.1.7:139 SYN ******S*
May 5 13:14:48 63.166.255.24:1137 -> xxx.yyy.1.9:139 SYN ******S*
May 5 13:14:48 63.166.255.24:1138 -> xxx.yyy.1.10:139 SYN ******S*
May 5 13:14:48 63.166.255.24:1139 -> xxx.yyy.1.11:139 SYN ******S*
May 5 13:14:48 63.166.255.24:1141 -> xxx.yyy.1.13:139 SYN ******S*
[...]
May 5 13:25:44 63.166.255.24:3780 -> xxx.yyy.255.242:139 SYN ******S*
May 5 13:25:44 63.166.255.24:3777 -> xxx.yyy.255.239:139 SYN ******S*
May 5 13:25:44 63.166.255.24:3790 -> xxx.yyy.255.252:139 SYN ******S*
May 5 13:25:44 63.166.255.24:3787 -> xxx.yyy.255.249:139 SYN ******S*
May 5 13:25:44 63.166.255.24:3784 -> xxx.yyy.255.246:139 SYN ******S*
May 5 13:25:44 63.166.255.24:3785 -> xxx.yyy.255.247:139 SYN ******S*
May 5 13:25:44 63.166.255.24:3789 -> xxx.yyy.255.251:139 SYN ******S*
May 5 13:25:44 63.166.255.24:3783 -> xxx.yyy.255.245:139 SYN ******S*
50159

May 5 06:32:18 211.221.76.118:22002 -> xxx.yyy.1.0:10080 SYN ******S*
May 5 06:32:18 211.221.76.118:22002 -> xxx.yyy.1.0:3128 SYN ******S*
May 5 06:32:19 211.221.76.118:22002 -> xxx.yyy.1.1:10080 SYN ******S*
May 5 06:32:19 211.221.76.118:22002 -> xxx.yyy.1.1:3128 SYN ******S*
May 5 06:32:19 211.221.76.118:22002 -> xxx.yyy.1.2:1080 SYN ******S*
May 5 06:32:19 211.221.76.118:22002 -> xxx.yyy.1.2:10080 SYN ******S*
May 5 06:32:19 211.221.76.118:22002 -> xxx.yyy.1.2:3128 SYN ******S*
May 5 06:32:19 211.221.76.118:22002 -> xxx.yyy.1.3:1080 SYN ******S*
[...]
May 5 12:01:00 211.221.76.118:22002 -> xxx.yyy.185.8:1080 SYN ******S*
May 5 12:01:00 211.221.76.118:22002 -> xxx.yyy.185.8:10080 SYN ******S*
May 5 12:01:00 211.221.76.118:22002 -> xxx.yyy.185.8:3128 SYN ******S*
May 5 12:01:01 211.221.76.118:22002 -> xxx.yyy.185.9:1080 SYN ******S*
May 5 12:01:01 211.221.76.118:22002 -> xxx.yyy.185.9:10080 SYN ******S*
May 5 12:01:01 211.221.76.118:22002 -> xxx.yyy.185.9:3128 SYN ******S*
May 5 12:01:01 211.221.76.118:22002 -> xxx.yyy.185.10:1080 SYN ******S*
May 5 12:01:01 211.221.76.118:22002 -> xxx.yyy.185.10:10080 SYN ******S*
May 5 12:01:03 211.221.76.118:22002 -> xxx.yyy.185.11:1080 SYN ******S*
49059

May 5 08:55:26 209.218.230.133:10864 -> xxx.yyy.128.4:445 SYN ******S*
May 5 08:55:26 209.218.230.133:10865 -> xxx.yyy.128.5:445 SYN ******S*
May 5 08:55:26 209.218.230.133:10866 -> xxx.yyy.128.6:445 SYN ******S*
May 5 08:55:26 209.218.230.133:10867 -> xxx.yyy.128.7:445 SYN ******S*
May 5 08:55:26 209.218.230.133:10868 -> xxx.yyy.128.8:445 SYN ******S*
May 5 08:55:26 209.218.230.133:10869 -> xxx.yyy.128.9:445 SYN ******S*
May 5 08:55:26 209.218.230.133:10880 -> xxx.yyy.128.20:445 SYN ******S*
May 5 08:55:26 209.218.230.133:10881 -> xxx.yyy.128.21:445 SYN ******S*
[...]
May 5 14:10:39 209.218.230.133:58359 -> xxx.yyy.255.238:445 SYN ******S*
May 5 14:10:39 209.218.230.133:58352 -> xxx.yyy.255.231:445 SYN ******S*
May 5 14:10:39 209.218.230.133:58344 -> xxx.yyy.255.249:445 SYN ******S*
May 5 14:10:39 209.218.230.133:58341 -> xxx.yyy.255.246:445 SYN ******S*
May 5 14:10:39 209.218.230.133:58363 -> xxx.yyy.255.242:445 SYN ******S*
May 5 14:10:39 209.218.230.133:58356 -> xxx.yyy.255.235:445 SYN ******S*
May 5 14:10:39 209.218.230.133:58353 -> xxx.yyy.255.232:445 SYN ******S*
May 5 14:10:39 209.218.230.133:58350 -> xxx.yyy.255.229:445 SYN ******S*
May 5 14:10:39 209.218.230.133:58348 -> xxx.yyy.255.253:445 SYN ******S*
39297

May 5 11:56:00 212.243.164.70:2096 -> xxx.yyy.1.1:8000 SYN ******S*
May 5 11:56:00 212.243.164.70:2099 -> xxx.yyy.1.4:8000 SYN ******S*
May 5 11:56:00 212.243.164.70:2098 -> xxx.yyy.1.3:8000 SYN ******S*
May 5 11:56:03 212.243.164.70:2102 -> xxx.yyy.1.5:8000 SYN ******S*
May 5 11:56:00 212.243.164.70:2105 -> xxx.yyy.1.8:8000 SYN ******S*
May 5 11:56:03 212.243.164.70:2106 -> xxx.yyy.1.9:8000 SYN ******S*
May 5 11:56:03 212.243.164.70:2107 -> xxx.yyy.1.10:8000 SYN ******S*
May 5 11:56:00 212.243.164.70:2110 -> xxx.yyy.1.13:8000 SYN ******S*
[...]
May 5 12:07:53 212.243.164.70:3809 -> xxx.yyy.255.201:8000 SYN ******S*
May 5 12:07:53 212.243.164.70:3804 -> xxx.yyy.255.198:8000 SYN ******S*
May 5 12:07:53 212.243.164.70:3820 -> xxx.yyy.255.212:8000 SYN ******S*
May 5 12:07:53 212.243.164.70:3817 -> xxx.yyy.255.209:8000 SYN ******S*
May 5 12:07:53 212.243.164.70:3818 -> xxx.yyy.255.210:8000 SYN ******S*
May 5 12:07:53 212.243.164.70:3821 -> xxx.yyy.255.213:8000 SYN ******S*
May 5 12:07:53 212.243.164.70:3816 -> xxx.yyy.255.208:8000 SYN ******S*
May 5 12:07:53 212.243.164.70:3819 -> xxx.yyy.255.211:8000 SYN ******S*
33691

May 5 07:32:45 212.205.255.84:3766 -> xxx.yyy.10.36:1433 SYN ******S*
May 5 07:32:48 212.205.255.84:4039 -> xxx.yyy.10.37:1433 SYN ******S*
May 5 07:32:48 212.205.255.84:4042 -> xxx.yyy.10.40:1433 SYN ******S*
May 5 07:32:48 212.205.255.84:4041 -> xxx.yyy.10.39:1433 SYN ******S*
May 5 07:32:48 212.205.255.84:4040 -> xxx.yyy.10.38:1433 SYN ******S*
May 5 07:32:48 212.205.255.84:4043 -> xxx.yyy.10.41:1433 SYN ******S*
May 5 07:32:48 212.205.255.84:4044 -> xxx.yyy.10.42:1433 SYN ******S*
May 5 07:32:48 212.205.255.84:4045 -> xxx.yyy.10.43:1433 SYN ******S*
[...]
May 5 09:04:20 212.205.255.84:1028 -> xxx.yyy.111.247:1433 SYN ******S*
May 5 09:04:20 212.205.255.84:1027 -> xxx.yyy.111.246:1433 SYN ******S*
May 5 09:04:20 212.205.255.84:1031 -> xxx.yyy.111.250:1433 SYN ******S*
May 5 09:04:20 212.205.255.84:1030 -> xxx.yyy.111.249:1433 SYN ******S*
May 5 09:04:20 212.205.255.84:1033 -> xxx.yyy.111.251:1433 SYN ******S*
May 5 09:04:20 212.205.255.84:1041 -> xxx.yyy.111.255:1433 SYN ******S*
May 5 09:04:20 212.205.255.84:1038 -> xxx.yyy.111.254:1433 SYN ******S*
May 5 09:04:20 212.205.255.84:1036 -> xxx.yyy.111.252:1433 SYN ******S*
24637

[...]
17632

[...]
11854

May 5 00:00:10 202.108.87.100:4333 -> xxx.yyy.225.42:2745 SYN ******S*
May 5 00:00:11 202.108.87.100:4341 -> xxx.yyy.168.151:2745 SYN ******S*
May 5 00:00:12 202.108.87.100:4357 -> xxx.yyy.177.251:2745 SYN ******S*
May 5 00:00:10 202.108.87.100:4325 -> xxx.yyy.232.11:2745 SYN ******S*
May 5 00:00:13 202.108.87.100:4384 -> xxx.yyy.195.120:2745 SYN ******S*
May 5 00:00:15 202.108.87.100:4459 -> xxx.yyy.196.29:2745 SYN ******S*
May 5 00:00:15 202.108.87.100:4471 -> xxx.yyy.157.155:2745 SYN ******S*
May 5 00:00:17 202.108.87.100:4333 -> xxx.yyy.225.42:2745 SYN ******S*
[...]
May 5 23:59:47 202.108.87.100:1761 -> xxx.yyy.74.13:2745 SYN ******S*
May 5 23:59:51 202.108.87.100:1822 -> xxx.yyy.202.213:2745 SYN ******S*
May 5 23:59:52 202.108.87.100:1838 -> xxx.yyy.92.30:2745 SYN ******S*
May 5 23:59:52 202.108.87.100:1840 -> xxx.yyy.92.30:1025 SYN ******S*
May 5 23:59:50 202.108.87.100:1866 -> xxx.yyy.220.250:2745 SYN ******S*
May 5 23:59:54 202.108.87.100:1866 -> xxx.yyy.220.250:2745 SYN ******S*
May 5 23:59:54 202.108.87.100:1761 -> xxx.yyy.74.13:2745 SYN ******S*
May 5 23:59:54 202.108.87.100:1764 -> xxx.yyy.73.188:2745 SYN ******S*
11295

May 5 00:00:52 221.10.44.93:7495 -> xxx.yyy.224.116:2745 SYN ******S*
May 5 00:00:54 221.10.44.93:20961 -> xxx.yyy.232.184:2745 SYN ******S*
May 5 00:00:55 221.10.44.93:21068 -> xxx.yyy.239.107:2745 SYN ******S*
May 5 00:00:54 221.10.44.93:21079 -> xxx.yyy.83.69:2745 SYN ******S*
May 5 00:00:55 221.10.44.93:21125 -> xxx.yyy.84.104:2745 SYN ******S*
May 5 00:00:59 221.10.44.93:59288 -> xxx.yyy.84.104:1025 SYN ******S*
May 5 00:00:59 221.10.44.93:7495 -> xxx.yyy.224.116:2745 SYN ******S*
May 5 00:01:00 221.10.44.93:20961 -> xxx.yyy.232.184:2745 SYN ******S*
[...]
May 5 23:54:19 221.10.44.93:42680 -> xxx.yyy.177.204:3127 SYN ******S*
May 5 23:54:19 221.10.44.93:37250 -> xxx.yyy.177.204:5000 SYN ******S*
May 5 23:59:18 221.10.44.93:62495 -> xxx.yyy.140.3:2745 SYN ******S*
May 5 23:59:19 221.10.44.93:44964 -> xxx.yyy.89.16:5000 SYN ******S*
May 5 23:59:19 221.10.44.93:62615 -> xxx.yyy.89.16:2745 SYN ******S*
May 5 23:59:19 221.10.44.93:34470 -> xxx.yyy.89.16:3127 SYN ******S*
May 5 23:59:19 221.10.44.93:39310 -> xxx.yyy.89.16:1025 SYN ******S*
May 5 23:59:19 221.10.44.93:44962 -> xxx.yyy.89.16:6129 SYN ******S*
May 5 23:59:19 221.10.44.93:39312 -> xxx.yyy.89.16:80 SYN ******S*
8828

May 5 05:00:15 65.112.118.29:55629 -> xxx.yyy.129.97:1025 SYN ******S*
May 5 05:00:15 65.112.118.29:55627 -> xxx.yyy.129.97:2745 SYN ******S*
May 5 05:00:15 65.112.118.29:55630 -> xxx.yyy.129.97:445 SYN ******S*
May 5 05:00:15 65.112.118.29:55631 -> xxx.yyy.129.97:3127 SYN ******S*
May 5 05:00:15 65.112.118.29:55632 -> xxx.yyy.129.97:6129 SYN ******S*
May 5 05:00:15 65.112.118.29:55633 -> xxx.yyy.129.97:139 SYN ******S*
May 5 05:00:15 65.112.118.29:56390 -> xxx.yyy.136.85:2745 SYN ******S*
May 5 05:00:15 65.112.118.29:56396 -> xxx.yyy.136.85:139 SYN ******S*
[...]
May 5 09:44:09 65.112.118.29:56839 -> xxx.yyy.144.141:3127 SYN ******S*
May 5 09:44:07 65.112.118.29:11248 -> xxx.yyy.144.141:6129 SYN ******S*
May 5 09:44:09 65.112.118.29:34559 -> xxx.yyy.144.141:139 SYN ******S*
May 5 09:48:11 65.112.118.29:35689 -> xxx.yyy.194.176:139 SYN ******S*
May 5 09:48:11 65.112.118.29:35688 -> xxx.yyy.194.176:6129 SYN ******S*
May 5 09:48:11 65.112.118.29:35709 -> xxx.yyy.194.176:3127 SYN ******S*
May 5 09:48:11 65.112.118.29:35684 -> xxx.yyy.194.176:445 SYN ******S*
May 5 09:48:11 65.112.118.29:35683 -> xxx.yyy.194.176:1025 SYN ******S*
7749

May 5 07:38:23 64.80.86.35:4076 -> xxx.yyy.10.1:139 SYN ******S*
May 5 07:38:23 64.80.86.35:4077 -> xxx.yyy.10.2:139 SYN ******S*
May 5 07:38:23 64.80.86.35:4078 -> xxx.yyy.10.3:139 SYN ******S*
May 5 07:38:23 64.80.86.35:4079 -> xxx.yyy.10.4:139 SYN ******S*
May 5 07:38:20 64.80.86.35:4081 -> xxx.yyy.10.6:139 SYN ******S*
May 5 07:38:23 64.80.86.35:4082 -> xxx.yyy.10.7:139 SYN ******S*
May 5 07:38:23 64.80.86.35:4083 -> xxx.yyy.10.8:139 SYN ******S*
May 5 07:38:23 64.80.86.35:4084 -> xxx.yyy.10.9:139 SYN ******S*
[...]
May 5 07:49:37 64.80.86.35:4157 -> xxx.yyy.214.233:139 SYN ******S*
May 5 07:49:37 64.80.86.35:4154 -> xxx.yyy.214.230:139 SYN ******S*
May 5 07:49:37 64.80.86.35:4155 -> xxx.yyy.214.231:139 SYN ******S*
May 5 07:49:37 64.80.86.35:4152 -> xxx.yyy.214.228:139 SYN ******S*
May 5 07:49:37 64.80.86.35:4163 -> xxx.yyy.214.239:139 SYN ******S*
May 5 07:49:37 64.80.86.35:4160 -> xxx.yyy.214.236:139 SYN ******S*
May 5 07:49:37 64.80.86.35:4161 -> xxx.yyy.214.237:139 SYN ******S*
May 5 07:49:37 64.80.86.35:4165 -> xxx.yyy.214.241:139 SYN ******S*
7430

May 5 05:00:18 213.140.6.96:49975 -> xxx.yyy.160.39:139 SYN ******S*
May 5 05:00:18 213.140.6.96:50007 -> xxx.yyy.85.178:139 SYN ******S*
May 5 05:00:18 213.140.6.96:50178 -> xxx.yyy.166.211:139 SYN ******S*
May 5 05:00:18 213.140.6.96:50206 -> xxx.yyy.146.185:139 SYN ******S*
May 5 05:00:18 213.140.6.96:50246 -> xxx.yyy.150.245:139 SYN ******S*
May 5 05:00:17 213.140.6.96:50711 -> xxx.yyy.134.54:139 SYN ******S*
May 5 05:00:18 213.140.6.96:51281 -> xxx.yyy.204.169:139 SYN ******S*
May 5 05:00:22 213.140.6.96:52067 -> xxx.yyy.204.128:139 SYN ******S*
[...]
May 5 08:50:33 213.140.6.96:16613 -> xxx.yyy.241.204:139 SYN ******S*
May 5 08:50:35 213.140.6.96:14676 -> xxx.yyy.146.158:139 SYN ******S*
May 5 08:50:39 213.140.6.96:22431 -> xxx.yyy.79.141:139 SYN ******S*
May 5 08:50:36 213.140.6.96:49921 -> xxx.yyy.66.59:139 SYN ******S*
May 5 08:50:37 213.140.6.96:20839 -> xxx.yyy.191.110:139 SYN ******S*
May 5 08:50:42 213.140.6.96:49921 -> xxx.yyy.66.59:139 SYN ******S*
May 5 08:50:45 213.140.6.96:29047 -> xxx.yyy.76.5:139 SYN ******S*
May 5 08:50:46 213.140.6.96:22431 -> xxx.yyy.79.141:139 SYN ******S*
May 5 08:50:47 213.140.6.96:16414 -> xxx.yyy.66.119:139 SYN ******S*
6524

May 5 00:14:11 134.102.86.203:2636 -> xxx.yyy.129.67:2745 SYN ******S*
May 5 00:14:14 134.102.86.203:2181 -> xxx.yyy.129.67:1025 SYN ******S*
May 5 00:14:14 134.102.86.203:1673 -> xxx.yyy.129.67:445 SYN ******S*
May 5 00:14:14 134.102.86.203:2947 -> xxx.yyy.129.67:3127 SYN ******S*
May 5 00:14:14 134.102.86.203:4470 -> xxx.yyy.129.67:6129 SYN ******S*
May 5 00:14:12 134.102.86.203:4838 -> xxx.yyy.129.67:139 SYN ******S*
May 5 00:14:12 134.102.86.203:1344 -> xxx.yyy.129.67:3410 SYN ******S*
May 5 00:14:12 134.102.86.203:2147 -> xxx.yyy.129.67:1433 SYN ******S*
[...]
May 5 23:57:39 134.102.86.203:4479 -> xxx.yyy.220.38:1025 SYN ******S*
May 5 23:57:39 134.102.86.203:4482 -> xxx.yyy.220.38:445 SYN ******S*
May 5 23:57:39 134.102.86.203:4483 -> xxx.yyy.220.38:3127 SYN ******S*
May 5 23:57:39 134.102.86.203:4484 -> xxx.yyy.220.38:6129 SYN ******S*
May 5 23:57:39 134.102.86.203:4485 -> xxx.yyy.220.38:80 SYN ******S*
May 5 23:57:39 134.102.86.203:4487 -> xxx.yyy.220.38:139 SYN ******S*
May 5 23:57:39 134.102.86.203:4488 -> xxx.yyy.220.38:3410 SYN ******S*
May 5 23:57:39 134.102.86.203:4489 -> xxx.yyy.220.38:1433 SYN ******S*
May 5 23:57:39 134.102.86.203:4490 -> xxx.yyy.220.38:5000 SYN ******S*
5144

May 5 00:00:31 65.100.122.132:81 -> xxx.yyy.80.253:4598 INVALIDACK ***A*R*F
May 5 00:00:34 65.100.122.132:81 -> xxx.yyy.69.158:4890 INVALIDACK ***A*R*F
May 5 00:00:35 65.100.122.132:81 -> xxx.yyy.69.158:4890 INVALIDACK ***A*R*F
May 5 00:01:48 65.100.122.132:81 -> xxx.yyy.71.21:2992 INVALIDACK ***A*R*F
May 5 00:01:51 65.100.122.132:81 -> xxx.yyy.69.158:1121 INVALIDACK ***A*R*F
May 5 00:01:51 65.100.122.132:81 -> xxx.yyy.84.178:4430 INVALIDACK ***A*R*F
May 5 00:01:52 65.100.122.132:81 -> xxx.yyy.69.158:1121 INVALIDACK ***A*R*F
May 5 00:01:52 65.100.122.132:81 -> xxx.yyy.84.178:4430 INVALIDACK ***A*R*F
[...]
May 5 23:58:35 65.100.122.132:81 -> xxx.yyy.70.168:4195 INVALIDACK ***A*R*F
May 5 23:58:44 65.100.122.132:81 -> xxx.yyy.67.203:1460 INVALIDACK ***A*R*F
May 5 23:58:48 65.100.122.132:81 -> xxx.yyy.70.168:4247 INVALIDACK ***A*R*F
May 5 23:58:54 65.100.122.132:81 -> xxx.yyy.70.168:4247 INVALIDACK ***A*R*F
May 5 23:59:13 65.100.122.132:81 -> xxx.yyy.68.29:2751 INVALIDACK ***A*R*F
May 5 23:59:42 65.100.122.132:81 -> xxx.yyy.70.168:4398 INVALIDACK ***A*R*F
May 5 23:59:48 65.100.122.132:81 -> xxx.yyy.70.168:4398 INVALIDACK ***A*R*F
May 5 23:59:53 65.100.122.132:81 -> xxx.yyy.67.203:1641 INVALIDACK ***A*R*F
4571

[...]
4497

May 5 00:02:06 209.128.11.220:1571 -> xxx.yyy.105.77:2745 SYN ******S*
May 5 00:02:07 209.128.11.220:1476 -> xxx.yyy.91.26:2745 SYN ******S*
May 5 00:02:07 209.128.11.220:1492 -> xxx.yyy.148.111:2745 SYN ******S*
May 5 00:02:09 209.128.11.220:1511 -> xxx.yyy.94.174:1025 SYN ******S*
May 5 00:02:09 209.128.11.220:1509 -> xxx.yyy.94.174:2745 SYN ******S*
May 5 00:02:10 209.128.11.220:1646 -> xxx.yyy.89.190:2745 SYN ******S*
May 5 00:02:12 209.128.11.220:1675 -> xxx.yyy.107.221:2745 SYN ******S*
May 5 00:02:13 209.128.11.220:1646 -> xxx.yyy.89.190:2745 SYN ******S*
[...]
May 5 07:03:37 209.128.11.220:1284 -> xxx.yyy.176.93:2745 SYN ******S*
May 5 07:03:37 209.128.11.220:1201 -> xxx.yyy.185.42:2745 SYN ******S*
May 5 07:03:40 209.128.11.220:1358 -> xxx.yyy.14.210:2745 SYN ******S*
May 5 07:03:40 209.128.11.220:1364 -> xxx.yyy.207.146:2745 SYN ******S*
May 5 07:03:41 209.128.11.220:1233 -> xxx.yyy.78.210:2745 SYN ******S*
May 5 07:03:43 209.128.11.220:1358 -> xxx.yyy.14.210:2745 SYN ******S*
May 5 07:03:43 209.128.11.220:1284 -> xxx.yyy.176.93:2745 SYN ******S*
May 5 07:03:43 209.128.11.220:1364 -> xxx.yyy.207.146:2745 SYN ******S*
4469

[...]
4446

May 5 05:00:18 213.140.2.6:59408 -> xxx.yyy.134.132:2745 SYN ******S*
May 5 05:00:18 213.140.2.6:59411 -> xxx.yyy.134.132:1025 SYN ******S*
May 5 05:00:18 213.140.2.6:59413 -> xxx.yyy.134.132:445 SYN ******S*
May 5 05:00:18 213.140.2.6:59414 -> xxx.yyy.134.132:3127 SYN ******S*
May 5 05:00:18 213.140.2.6:59415 -> xxx.yyy.134.132:6129 SYN ******S*
May 5 05:00:18 213.140.2.6:59417 -> xxx.yyy.134.132:139 SYN ******S*
May 5 05:00:18 213.140.2.6:64105 -> xxx.yyy.144.225:2745 SYN ******S*
May 5 05:00:18 213.140.2.6:64114 -> xxx.yyy.144.225:1025 SYN ******S*
[...]
May 5 08:50:45 213.140.2.6:12802 -> xxx.yyy.153.167:3127 SYN ******S*
May 5 08:50:45 213.140.2.6:12797 -> xxx.yyy.153.167:445 SYN ******S*
May 5 08:50:51 213.140.2.6:15676 -> xxx.yyy.145.109:139 SYN ******S*
May 5 08:50:51 213.140.2.6:7918 -> xxx.yyy.145.109:3127 SYN ******S*
May 5 08:50:51 213.140.2.6:15675 -> xxx.yyy.145.109:6129 SYN ******S*
May 5 08:50:51 213.140.2.6:53781 -> xxx.yyy.145.109:445 SYN ******S*
May 5 08:50:51 213.140.2.6:54874 -> xxx.yyy.145.109:1025 SYN ******S*
May 5 08:50:51 213.140.2.6:54873 -> xxx.yyy.145.109:2745 SYN ******S*
4118

May 5 00:16:16 134.121.244.35:3622 -> xxx.yyy.201.58:2745 SYN ******S*
May 5 00:16:16 134.121.244.35:3626 -> xxx.yyy.201.58:1025 SYN ******S*
May 5 00:16:16 134.121.244.35:3632 -> xxx.yyy.201.58:6129 SYN ******S*
May 5 00:16:16 134.121.244.35:3633 -> xxx.yyy.201.58:80 SYN ******S*
May 5 00:16:16 134.121.244.35:3636 -> xxx.yyy.201.58:3410 SYN ******S*
May 5 00:16:16 134.121.244.35:3637 -> xxx.yyy.201.58:1433 SYN ******S*
May 5 00:16:13 134.121.244.35:3639 -> xxx.yyy.201.58:5000 SYN ******S*
May 5 00:16:41 134.121.244.35:1647 -> xxx.yyy.158.244:2745 SYN ******S*
[...]
May 5 23:59:35 134.121.244.35:4333 -> xxx.yyy.180.237:5000 SYN ******S*
May 5 23:59:41 134.121.244.35:4319 -> xxx.yyy.180.237:3410 SYN ******S*
May 5 23:59:41 134.121.244.35:4311 -> xxx.yyy.180.237:80 SYN ******S*
May 5 23:59:41 134.121.244.35:4304 -> xxx.yyy.180.237:6129 SYN ******S*
May 5 23:59:41 134.121.244.35:4282 -> xxx.yyy.180.237:1025 SYN ******S*
May 5 23:59:41 134.121.244.35:4274 -> xxx.yyy.180.237:2745 SYN ******S*
May 5 23:59:41 134.121.244.35:4333 -> xxx.yyy.180.237:5000 SYN ******S*
May 5 23:59:41 134.121.244.35:4325 -> xxx.yyy.180.237:1433 SYN ******S*
3675

May 5 00:01:27 66.190.44.41:4387 -> xxx.yyy.219.195:2745 SYN ******S*
May 5 00:01:29 66.190.44.41:4323 -> xxx.yyy.204.203:6129 SYN ******S*
May 5 00:01:29 66.190.44.41:4322 -> xxx.yyy.204.203:3127 SYN ******S*
May 5 00:01:29 66.190.44.41:4320 -> xxx.yyy.204.203:1025 SYN ******S*
May 5 00:01:29 66.190.44.41:4318 -> xxx.yyy.204.203:2745 SYN ******S*
May 5 00:01:30 66.190.44.41:4353 -> xxx.yyy.92.85:2745 SYN ******S*
May 5 00:01:33 66.190.44.41:4387 -> xxx.yyy.219.195:2745 SYN ******S*
May 5 00:01:36 66.190.44.41:4510 -> xxx.yyy.195.234:2745 SYN ******S*
[...]
May 5 23:56:35 66.190.44.41:4680 -> xxx.yyy.246.62:2745 SYN ******S*
May 5 23:59:54 66.190.44.41:3744 -> xxx.yyy.13.203:2745 SYN ******S*
May 5 23:59:55 66.190.44.41:3748 -> xxx.yyy.201.212:2745 SYN ******S*
May 5 23:59:57 66.190.44.41:3772 -> xxx.yyy.157.161:2745 SYN ******S*
May 5 23:59:57 66.190.44.41:3774 -> xxx.yyy.157.161:1025 SYN ******S*
May 5 23:59:57 66.190.44.41:3776 -> xxx.yyy.157.161:3127 SYN ******S*
May 5 23:59:54 66.190.44.41:3777 -> xxx.yyy.157.161:6129 SYN ******S*
May 6 00:00:01 66.190.44.41:3748 -> xxx.yyy.201.212:2745 SYN ******S*
3665

--
- Ken
===========================================================================
Ken Connelly (KC152) Systems and Operations Manager, ITS - Network Services
University of Northern Iowa Cedar Falls, IA 50614-0121
email: Ken.Connelly@xxxxxxx phone: (319) 273-5850 fax: (319) 273-7373
_______________________________________________
Intrusions mailing list
Intrusions@xxxxxxxxxxxxxx
http://www.dshield.org/mailman/listinfo/intrusions
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Excessively large URI attacks: 00011, skip1@xxxxxxxxxxxx
Next by Date:  Re: Excessively large URI attacks: 00011, Barry Fitzgerald
Previous by Thread:  [LOGS] Summary of large-scale portscanning detectsi: 00011, Ken . Connelly
Next by Thread:  [LOGS] Summary of large-scale portscanning detects: 00011, Ken . Connelly
Indexes:  [Date] [Thread] [Top] [All Lists]

Google Custom Search
News | FAQ | advertise