logo       
<prev   next>

[LOGS] Summary of large-scale portscanning detects: msg#00085

security.intrusions

Subject: [LOGS] Summary of large-scale portscanning detects

The following extracts show the beginning and ending of scan activity
was detected on my network. The number following each set is the total
number of probes for that source. Timestamps are GMT-0500.

May 26 05:02:32 159.87.195.67:3612 -> xxx.yyy.1.1:1257 SYN ******S*
May 26 05:02:32 159.87.195.67:3613 -> xxx.yyy.1.2:1257 SYN ******S*
May 26 05:02:34 159.87.195.67:3614 -> xxx.yyy.1.3:1257 SYN ******S*
May 26 05:02:34 159.87.195.67:3615 -> xxx.yyy.1.4:1257 SYN ******S*
May 26 05:02:34 159.87.195.67:3616 -> xxx.yyy.1.5:1257 SYN ******S*
May 26 05:02:34 159.87.195.67:3617 -> xxx.yyy.1.6:1257 SYN ******S*
May 26 05:02:34 159.87.195.67:3618 -> xxx.yyy.1.7:1257 SYN ******S*
May 26 05:02:34 159.87.195.67:3619 -> xxx.yyy.1.8:1257 SYN ******S*
[...]
May 26 05:13:27 159.87.195.67:2568 -> xxx.yyy.255.227:1257 SYN ******S*
May 26 05:13:27 159.87.195.67:2565 -> xxx.yyy.255.224:1257 SYN ******S*
May 26 05:13:27 159.87.195.67:2566 -> xxx.yyy.255.225:1257 SYN ******S*
May 26 05:13:27 159.87.195.67:2569 -> xxx.yyy.255.228:1257 SYN ******S*
May 26 05:13:27 159.87.195.67:2570 -> xxx.yyy.255.229:1257 SYN ******S*
May 26 05:13:27 159.87.195.67:2567 -> xxx.yyy.255.226:1257 SYN ******S*
May 26 05:13:28 159.87.195.67:2577 -> xxx.yyy.255.236:1257 SYN ******S*
May 26 05:13:28 159.87.195.67:2575 -> xxx.yyy.255.234:1257 SYN ******S*
May 26 05:13:28 159.87.195.67:2576 -> xxx.yyy.255.235:1257 SYN ******S*
71918

May 26 04:08:43 217.209.216.181:24533 -> xxx.yyy.1.1:4000 SYN ******S*
May 26 04:08:43 217.209.216.181:24534 -> xxx.yyy.1.2:4000 SYN ******S*
May 26 04:08:45 217.209.216.181:24535 -> xxx.yyy.1.3:4000 SYN ******S*
May 26 04:08:45 217.209.216.181:24536 -> xxx.yyy.1.4:4000 SYN ******S*
May 26 04:08:45 217.209.216.181:24537 -> xxx.yyy.1.5:4000 SYN ******S*
May 26 04:08:45 217.209.216.181:24538 -> xxx.yyy.1.6:4000 SYN ******S*
May 26 04:08:45 217.209.216.181:24539 -> xxx.yyy.1.7:4000 SYN ******S*
May 26 04:08:45 217.209.216.181:24540 -> xxx.yyy.1.8:4000 SYN ******S*
[...]
May 26 04:34:38 217.209.216.181:44020 -> xxx.yyy.zzz.245:4000 SYN ******S*
May 26 04:34:38 217.209.216.181:44019 -> xxx.yyy.zzz.244:4000 SYN ******S*
May 26 04:34:38 217.209.216.181:44021 -> xxx.yyy.zzz.246:4000 SYN ******S*
May 26 04:34:38 217.209.216.181:44029 -> xxx.yyy.zzz.254:4000 SYN ******S*
May 26 04:34:38 217.209.216.181:44028 -> xxx.yyy.zzz.253:4000 SYN ******S*
May 26 04:34:38 217.209.216.181:44024 -> xxx.yyy.zzz.249:4000 SYN ******S*
May 26 04:34:38 217.209.216.181:44026 -> xxx.yyy.zzz.251:4000 SYN ******S*
May 26 04:34:38 217.209.216.181:44025 -> xxx.yyy.zzz.250:4000 SYN ******S*
May 26 04:34:38 217.209.216.181:44027 -> xxx.yyy.zzz.252:4000 SYN ******S*
71688

May 26 09:56:01 64.9.35.50:3062 -> xxx.yyy.1.1:4000 SYN ******S*
May 26 09:56:01 64.9.35.50:3063 -> xxx.yyy.1.2:4000 SYN ******S*
May 26 09:56:03 64.9.35.50:3064 -> xxx.yyy.1.3:4000 SYN ******S*
May 26 09:56:03 64.9.35.50:3065 -> xxx.yyy.1.4:4000 SYN ******S*
May 26 09:56:03 64.9.35.50:3066 -> xxx.yyy.1.5:4000 SYN ******S*
May 26 09:56:03 64.9.35.50:3067 -> xxx.yyy.1.6:4000 SYN ******S*
May 26 09:56:00 64.9.35.50:3068 -> xxx.yyy.1.7:4000 SYN ******S*
May 26 09:56:03 64.9.35.50:3069 -> xxx.yyy.1.8:4000 SYN ******S*
[...]
May 26 10:06:58 64.9.35.50:2090 -> xxx.yyy.255.248:4000 SYN ******S*
May 26 10:06:58 64.9.35.50:2094 -> xxx.yyy.255.252:4000 SYN ******S*
May 26 10:06:58 64.9.35.50:2091 -> xxx.yyy.255.249:4000 SYN ******S*
May 26 10:06:58 64.9.35.50:2088 -> xxx.yyy.255.246:4000 SYN ******S*
May 26 10:06:58 64.9.35.50:2095 -> xxx.yyy.255.253:4000 SYN ******S*
May 26 10:06:58 64.9.35.50:2092 -> xxx.yyy.255.250:4000 SYN ******S*
May 26 10:06:58 64.9.35.50:2089 -> xxx.yyy.255.247:4000 SYN ******S*
May 26 10:06:58 64.9.35.50:2096 -> xxx.yyy.255.254:4000 SYN ******S*
69651

May 26 09:06:07 66.13.196.190:4083 -> xxx.yyy.1.3:445 SYN ******S*
May 26 09:06:07 66.13.196.190:4084 -> xxx.yyy.1.4:445 SYN ******S*
May 26 09:06:07 66.13.196.190:4085 -> xxx.yyy.1.5:445 SYN ******S*
May 26 09:06:04 66.13.196.190:4086 -> xxx.yyy.1.6:445 SYN ******S*
May 26 09:06:07 66.13.196.190:4088 -> xxx.yyy.1.8:445 SYN ******S*
May 26 09:06:07 66.13.196.190:4089 -> xxx.yyy.1.9:445 SYN ******S*
May 26 09:06:07 66.13.196.190:4090 -> xxx.yyy.1.10:445 SYN ******S*
May 26 09:06:07 66.13.196.190:4091 -> xxx.yyy.1.11:445 SYN ******S*
[...]
May 26 09:17:46 66.13.196.190:3821 -> xxx.yyy.255.243:445 SYN ******S*
May 26 09:17:46 66.13.196.190:3818 -> xxx.yyy.255.240:445 SYN ******S*
May 26 09:17:47 66.13.196.190:3832 -> xxx.yyy.255.254:445 SYN ******S*
May 26 09:17:47 66.13.196.190:3829 -> xxx.yyy.255.251:445 SYN ******S*
May 26 09:17:47 66.13.196.190:3826 -> xxx.yyy.255.248:445 SYN ******S*
May 26 09:17:47 66.13.196.190:3830 -> xxx.yyy.255.252:445 SYN ******S*
May 26 09:17:47 66.13.196.190:3827 -> xxx.yyy.255.249:445 SYN ******S*
May 26 09:17:47 66.13.196.190:3831 -> xxx.yyy.255.253:445 SYN ******S*
68380

May 26 16:40:56 208.171.246.65:1111 -> xxx.yyy.1.1:420 SYN ******S*
May 26 16:40:56 208.171.246.65:1112 -> xxx.yyy.1.2:420 SYN ******S*
May 26 16:40:58 208.171.246.65:1113 -> xxx.yyy.1.3:420 SYN ******S*
May 26 16:40:58 208.171.246.65:1114 -> xxx.yyy.1.4:420 SYN ******S*
May 26 16:40:55 208.171.246.65:1115 -> xxx.yyy.1.5:420 SYN ******S*
May 26 16:40:58 208.171.246.65:1117 -> xxx.yyy.1.7:420 SYN ******S*
May 26 16:40:58 208.171.246.65:1118 -> xxx.yyy.1.8:420 SYN ******S*
May 26 16:40:58 208.171.246.65:1122 -> xxx.yyy.1.12:420 SYN ******S*
[...]
May 26 16:52:46 208.171.246.65:3329 -> xxx.yyy.255.228:420 SYN ******S*
May 26 16:52:46 208.171.246.65:3326 -> xxx.yyy.255.225:420 SYN ******S*
May 26 16:52:46 208.171.246.65:3323 -> xxx.yyy.255.222:420 SYN ******S*
May 26 16:52:46 208.171.246.65:3333 -> xxx.yyy.255.232:420 SYN ******S*
May 26 16:52:46 208.171.246.65:3334 -> xxx.yyy.255.233:420 SYN ******S*
May 26 16:52:46 208.171.246.65:3331 -> xxx.yyy.255.230:420 SYN ******S*
May 26 16:52:46 208.171.246.65:3335 -> xxx.yyy.255.234:420 SYN ******S*
May 26 16:52:46 208.171.246.65:3332 -> xxx.yyy.255.231:420 SYN ******S*
May 26 16:52:46 208.171.246.65:3336 -> xxx.yyy.255.235:420 SYN ******S*
68208

May 26 19:35:50 206.71.172.132:1661 -> xxx.yyy.1.1:1433 SYN ******S*
May 26 19:35:50 206.71.172.132:1662 -> xxx.yyy.1.2:1433 SYN ******S*
May 26 19:35:50 206.71.172.132:1663 -> xxx.yyy.1.3:1433 SYN ******S*
May 26 19:35:50 206.71.172.132:1665 -> xxx.yyy.1.5:1433 SYN ******S*
May 26 19:35:50 206.71.172.132:1666 -> xxx.yyy.1.6:1433 SYN ******S*
May 26 19:35:50 206.71.172.132:1667 -> xxx.yyy.1.7:1433 SYN ******S*
May 26 19:35:47 206.71.172.132:1668 -> xxx.yyy.1.8:1433 SYN ******S*
May 26 19:35:47 206.71.172.132:1669 -> xxx.yyy.1.9:1433 SYN ******S*
[...]
May 26 19:47:33 206.71.172.132:2128 -> xxx.yyy.255.241:1433 SYN ******S*
May 26 19:47:33 206.71.172.132:2130 -> xxx.yyy.255.243:1433 SYN ******S*
May 26 19:47:33 206.71.172.132:2131 -> xxx.yyy.255.244:1433 SYN ******S*
May 26 19:47:33 206.71.172.132:2127 -> xxx.yyy.255.240:1433 SYN ******S*
May 26 19:47:33 206.71.172.132:2140 -> xxx.yyy.255.253:1433 SYN ******S*
May 26 19:47:33 206.71.172.132:2137 -> xxx.yyy.255.250:1433 SYN ******S*
May 26 19:47:33 206.71.172.132:2134 -> xxx.yyy.255.247:1433 SYN ******S*
May 26 19:47:33 206.71.172.132:2139 -> xxx.yyy.255.252:1433 SYN ******S*
67712

May 26 18:53:56 212.186.18.168:3929 -> xxx.yyy.1.1:8000 SYN ******S*
May 26 18:53:56 212.186.18.168:3930 -> xxx.yyy.1.2:8000 SYN ******S*
May 26 18:53:57 212.186.18.168:3931 -> xxx.yyy.1.3:8000 SYN ******S*
May 26 18:53:57 212.186.18.168:3932 -> xxx.yyy.1.4:8000 SYN ******S*
May 26 18:53:57 212.186.18.168:3933 -> xxx.yyy.1.5:8000 SYN ******S*
May 26 18:53:57 212.186.18.168:3934 -> xxx.yyy.1.6:8000 SYN ******S*
May 26 18:53:57 212.186.18.168:3935 -> xxx.yyy.1.7:8000 SYN ******S*
May 26 18:53:57 212.186.18.168:3936 -> xxx.yyy.1.8:8000 SYN ******S*
[...]
May 26 19:05:06 212.186.18.168:3835 -> xxx.yyy.245.250:8000 SYN ******S*
May 26 19:05:06 212.186.18.168:3836 -> xxx.yyy.245.251:8000 SYN ******S*
May 26 19:05:06 212.186.18.168:3837 -> xxx.yyy.245.252:8000 SYN ******S*
May 26 19:05:06 212.186.18.168:3838 -> xxx.yyy.245.253:8000 SYN ******S*
May 26 19:05:06 212.186.18.168:3572 -> xxx.yyy.244.242:8000 SYN ******S*
May 26 19:05:06 212.186.18.168:3839 -> xxx.yyy.245.254:8000 SYN ******S*
May 26 19:05:07 212.186.18.168:3841 -> xxx.yyy.246.1:8000 SYN ******S*
May 26 19:05:07 212.186.18.168:3842 -> xxx.yyy.246.2:8000 SYN ******S*
66805

May 26 02:23:24 213.100.235.64:1243 -> xxx.yyy.1.1:4899 SYN ******S*
May 26 02:23:24 213.100.235.64:1245 -> xxx.yyy.1.2:4899 SYN ******S*
May 26 02:23:22 213.100.235.64:1246 -> xxx.yyy.1.3:4899 SYN ******S*
May 26 02:23:22 213.100.235.64:1249 -> xxx.yyy.1.4:4899 SYN ******S*
May 26 02:23:22 213.100.235.64:1250 -> xxx.yyy.1.5:4899 SYN ******S*
May 26 02:23:22 213.100.235.64:1251 -> xxx.yyy.1.6:4899 SYN ******S*
May 26 02:23:22 213.100.235.64:1252 -> xxx.yyy.1.7:4899 SYN ******S*
May 26 02:23:22 213.100.235.64:1253 -> xxx.yyy.1.8:4899 SYN ******S*
[...]
May 26 02:28:40 213.100.235.64:4958 -> xxx.yyy.255.247:4899 SYN ******S*
May 26 02:28:40 213.100.235.64:4960 -> xxx.yyy.255.248:4899 SYN ******S*
May 26 02:28:40 213.100.235.64:4961 -> xxx.yyy.255.249:4899 SYN ******S*
May 26 02:28:40 213.100.235.64:4964 -> xxx.yyy.255.250:4899 SYN ******S*
May 26 02:28:40 213.100.235.64:4967 -> xxx.yyy.255.251:4899 SYN ******S*
May 26 02:28:40 213.100.235.64:4969 -> xxx.yyy.255.252:4899 SYN ******S*
May 26 02:28:40 213.100.235.64:4971 -> xxx.yyy.255.253:4899 SYN ******S*
May 26 02:28:40 213.100.235.64:4976 -> xxx.yyy.255.254:4899 SYN ******S*
47893

May 26 05:26:53 218.4.138.212:3162 -> xxx.yyy.1.1:20168 SYN ******S*
May 26 05:26:53 218.4.138.212:3164 -> xxx.yyy.1.2:20168 SYN ******S*
May 26 05:26:56 218.4.138.212:3166 -> xxx.yyy.1.3:20168 SYN ******S*
May 26 05:26:56 218.4.138.212:3168 -> xxx.yyy.1.4:20168 SYN ******S*
May 26 05:26:56 218.4.138.212:3170 -> xxx.yyy.1.5:20168 SYN ******S*
May 26 05:26:56 218.4.138.212:3174 -> xxx.yyy.1.7:20168 SYN ******S*
May 26 05:26:56 218.4.138.212:3176 -> xxx.yyy.1.8:20168 SYN ******S*
May 26 05:26:56 218.4.138.212:3178 -> xxx.yyy.1.9:20168 SYN ******S*
[...]
May 26 05:37:55 218.4.138.212:3360 -> xxx.yyy.255.240:20168 SYN ******S*
May 26 05:37:55 218.4.138.212:3370 -> xxx.yyy.255.245:20168 SYN ******S*
May 26 05:37:55 218.4.138.212:3358 -> xxx.yyy.255.239:20168 SYN ******S*
May 26 05:37:55 218.4.138.212:3382 -> xxx.yyy.255.251:20168 SYN ******S*
May 26 05:37:55 218.4.138.212:3386 -> xxx.yyy.255.253:20168 SYN ******S*
May 26 05:37:55 218.4.138.212:3376 -> xxx.yyy.255.248:20168 SYN ******S*
May 26 05:37:55 218.4.138.212:3380 -> xxx.yyy.255.250:20168 SYN ******S*
May 26 05:37:55 218.4.138.212:3384 -> xxx.yyy.255.252:20168 SYN ******S*
47826

May 26 14:51:32 211.194.248.96:52937 -> xxx.yyy.1.1:4899 SYN ******S*
May 26 14:51:32 211.194.248.96:24935 -> xxx.yyy.1.2:4899 SYN ******S*
May 26 14:51:30 211.194.248.96:20126 -> xxx.yyy.1.5:4899 SYN ******S*
May 26 14:51:30 211.194.248.96:19885 -> xxx.yyy.1.3:4899 SYN ******S*
May 26 14:51:30 211.194.248.96:5255 -> xxx.yyy.1.6:4899 SYN ******S*
May 26 14:51:30 211.194.248.96:26452 -> xxx.yyy.1.7:4899 SYN ******S*
May 26 14:51:30 211.194.248.96:10406 -> xxx.yyy.1.9:4899 SYN ******S*
May 26 14:51:30 211.194.248.96:21852 -> xxx.yyy.1.8:4899 SYN ******S*
[...]
May 26 14:56:24 211.194.248.96:7250 -> xxx.yyy.255.2:4899 SYN ******S*
May 26 14:56:24 211.194.248.96:31035 -> xxx.yyy.255.4:4899 SYN ******S*
May 26 14:56:24 211.194.248.96:44410 -> xxx.yyy.255.3:4899 SYN ******S*
May 26 14:56:24 211.194.248.96:14443 -> xxx.yyy.255.9:4899 SYN ******S*
May 26 14:56:24 211.194.248.96:64026 -> xxx.yyy.255.6:4899 SYN ******S*
May 26 14:56:24 211.194.248.96:17029 -> xxx.yyy.255.8:4899 SYN ******S*
May 26 14:56:24 211.194.248.96:6162 -> xxx.yyy.255.5:4899 SYN ******S*
May 26 14:56:24 211.194.248.96:11636 -> xxx.yyy.255.10:4899 SYN ******S*
May 26 14:56:24 211.194.248.96:54615 -> xxx.yyy.255.7:4899 SYN ******S*
44244

May 26 06:04:29 203.186.22.251:22002 -> xxx.yyy.1.0:1080 SYN ******S*
May 26 06:04:29 203.186.22.251:22002 -> xxx.yyy.1.0:10080 SYN ******S*
May 26 06:04:29 203.186.22.251:22002 -> xxx.yyy.1.0:3128 SYN ******S*
May 26 06:04:29 203.186.22.251:22002 -> xxx.yyy.1.1:1080 SYN ******S*
May 26 06:04:29 203.186.22.251:22002 -> xxx.yyy.1.1:10080 SYN ******S*
May 26 06:04:29 203.186.22.251:22002 -> xxx.yyy.1.1:3128 SYN ******S*
May 26 06:04:29 203.186.22.251:22002 -> xxx.yyy.1.2:1080 SYN ******S*
May 26 06:04:29 203.186.22.251:22002 -> xxx.yyy.1.2:10080 SYN ******S*
[...]
May 26 10:20:36 203.186.22.251:22002 -> xxx.yyy.138.67:3128 SYN ******S*
May 26 10:20:36 203.186.22.251:22002 -> xxx.yyy.138.68:1080 SYN ******S*
May 26 10:20:36 203.186.22.251:22002 -> xxx.yyy.138.68:10080 SYN ******S*
May 26 10:20:36 203.186.22.251:22002 -> xxx.yyy.138.68:3128 SYN ******S*
May 26 10:20:36 203.186.22.251:22002 -> xxx.yyy.138.69:1080 SYN ******S*
May 26 10:20:36 203.186.22.251:22002 -> xxx.yyy.138.69:10080 SYN ******S*
May 26 10:20:37 203.186.22.251:22002 -> xxx.yyy.138.69:3128 SYN ******S*
May 26 10:20:37 203.186.22.251:22002 -> xxx.yyy.138.70:1080 SYN ******S*
May 26 10:20:37 203.186.22.251:22002 -> xxx.yyy.138.70:10080 SYN ******S*
26232

[...]
24744

May 26 02:22:12 64.108.195.4:3028 -> xxx.yyy.1.0:65506 SYN ******S*
May 26 02:22:13 64.108.195.4:3029 -> xxx.yyy.1.1:65506 SYN ******S*
May 26 02:22:13 64.108.195.4:3030 -> xxx.yyy.1.2:65506 SYN ******S*
May 26 02:22:11 64.108.195.4:3031 -> xxx.yyy.1.3:65506 SYN ******S*
May 26 02:22:11 64.108.195.4:3032 -> xxx.yyy.1.4:65506 SYN ******S*
May 26 02:22:11 64.108.195.4:3033 -> xxx.yyy.1.5:65506 SYN ******S*
May 26 02:22:11 64.108.195.4:3034 -> xxx.yyy.1.6:65506 SYN ******S*
May 26 02:22:11 64.108.195.4:3035 -> xxx.yyy.1.7:65506 SYN ******S*
[...]
May 26 02:44:38 64.108.195.4:3016 -> xxx.yyy.254.164:65506 SYN ******S*
May 26 02:44:38 64.108.195.4:3028 -> xxx.yyy.254.176:65506 SYN ******S*
May 26 02:44:38 64.108.195.4:3041 -> xxx.yyy.254.189:65506 SYN ******S*
May 26 02:44:38 64.108.195.4:3053 -> xxx.yyy.254.201:65506 SYN ******S*
May 26 02:44:38 64.108.195.4:3064 -> xxx.yyy.254.212:65506 SYN ******S*
May 26 02:44:38 64.108.195.4:3077 -> xxx.yyy.254.225:65506 SYN ******S*
May 26 02:44:38 64.108.195.4:3089 -> xxx.yyy.254.237:65506 SYN ******S*
May 26 02:44:40 64.108.195.4:4607 -> xxx.yyy.254.240:65506 SYN ******S*
May 26 02:44:40 64.108.195.4:4626 -> xxx.yyy.254.245:65506 SYN ******S*
21749

May 26 07:25:55 212.165.132.239:3192 -> xxx.yyy.168.201:2745 SYN ******S*
May 26 07:25:55 212.165.132.239:3267 -> xxx.yyy.106.101:2745 SYN ******S*
May 26 07:26:01 212.165.132.239:3167 -> xxx.yyy.81.98:2745 SYN ******S*
May 26 07:25:57 212.165.132.239:3441 -> xxx.yyy.198.182:6129 SYN ******S*
May 26 07:26:00 212.165.132.239:3440 -> xxx.yyy.198.182:3127 SYN ******S*
May 26 07:26:00 212.165.132.239:3438 -> xxx.yyy.198.182:1025 SYN ******S*
May 26 07:26:01 212.165.132.239:3457 -> xxx.yyy.79.62:2745 SYN ******S*
May 26 07:26:01 212.165.132.239:3460 -> xxx.yyy.79.62:1025 SYN ******S*
[...]
May 26 10:44:07 212.165.132.239:4140 -> xxx.yyy.240.41:1025 SYN ******S*
May 26 10:44:07 212.165.132.239:4165 -> xxx.yyy.240.41:6129 SYN ******S*
May 26 10:44:07 212.165.132.239:4167 -> xxx.yyy.240.41:80 SYN ******S*
May 26 10:44:07 212.165.132.239:4162 -> xxx.yyy.240.41:3127 SYN ******S*
May 26 10:46:07 212.165.132.239:3520 -> xxx.yyy.160.144:2745 SYN ******S*
May 26 10:46:09 212.165.132.239:4693 -> xxx.yyy.249.70:3127 SYN ******S*
May 26 10:46:09 212.165.132.239:4716 -> xxx.yyy.249.70:6129 SYN ******S*
May 26 10:46:09 212.165.132.239:4646 -> xxx.yyy.249.70:2745 SYN ******S*
May 26 10:46:09 212.165.132.239:4655 -> xxx.yyy.249.70:1025 SYN ******S*
14507

May 26 07:29:22 156.106.228.73:4227 -> xxx.yyy.161.170:2745 SYN ******S*
May 26 07:29:22 156.106.228.73:4229 -> xxx.yyy.161.170:1025 SYN ******S*
May 26 07:29:22 156.106.228.73:4230 -> xxx.yyy.161.170:445 SYN ******S*
May 26 07:29:22 156.106.228.73:4245 -> xxx.yyy.204.157:2745 SYN ******S*
May 26 07:29:22 156.106.228.73:4247 -> xxx.yyy.204.157:1025 SYN ******S*
May 26 07:29:22 156.106.228.73:4248 -> xxx.yyy.204.157:445 SYN ******S*
May 26 07:29:22 156.106.228.73:4249 -> xxx.yyy.204.157:3127 SYN ******S*
May 26 07:29:22 156.106.228.73:4250 -> xxx.yyy.204.157:6129 SYN ******S*
[...]
May 26 09:17:56 156.106.228.73:2082 -> xxx.yyy.82.219:80 SYN ******S*
May 26 09:17:56 156.106.228.73:2080 -> xxx.yyy.82.219:6129 SYN ******S*
May 26 09:17:56 156.106.228.73:2079 -> xxx.yyy.82.219:3127 SYN ******S*
May 26 09:17:57 156.106.228.73:2172 -> xxx.yyy.201.34:1025 SYN ******S*
May 26 09:17:57 156.106.228.73:2170 -> xxx.yyy.201.34:2745 SYN ******S*
May 26 09:17:57 156.106.228.73:2178 -> xxx.yyy.201.34:6129 SYN ******S*
May 26 09:17:57 156.106.228.73:2177 -> xxx.yyy.201.34:3127 SYN ******S*
May 26 09:17:57 156.106.228.73:2176 -> xxx.yyy.201.34:445 SYN ******S*
May 26 09:17:57 156.106.228.73:2186 -> xxx.yyy.201.34:80 SYN ******S*
13553

May 26 20:38:53 217.224.95.195:3838 -> xxx.yyy.1.0:139 SYN ******S*
May 26 20:38:53 217.224.95.195:3796 -> xxx.yyy.1.8:139 SYN ******S*
May 26 20:38:53 217.224.95.195:3797 -> xxx.yyy.1.9:139 SYN ******S*
May 26 20:38:53 217.224.95.195:3798 -> xxx.yyy.1.10:139 SYN ******S*
May 26 20:38:53 217.224.95.195:3806 -> xxx.yyy.1.18:139 SYN ******S*
May 26 20:38:53 217.224.95.195:3807 -> xxx.yyy.1.19:139 SYN ******S*
May 26 20:38:53 217.224.95.195:3814 -> xxx.yyy.1.26:139 SYN ******S*
May 26 20:38:53 217.224.95.195:3816 -> xxx.yyy.1.28:139 SYN ******S*
[...]
May 26 20:40:36 217.224.95.195:3833 -> xxx.yyy.255.225:139 SYN ******S*
May 26 20:40:36 217.224.95.195:3834 -> xxx.yyy.255.226:139 SYN ******S*
May 26 20:40:36 217.224.95.195:3842 -> xxx.yyy.255.234:139 SYN ******S*
May 26 20:40:36 217.224.95.195:3843 -> xxx.yyy.255.235:139 SYN ******S*
May 26 20:40:36 217.224.95.195:3794 -> xxx.yyy.255.236:139 SYN ******S*
May 26 20:40:36 217.224.95.195:3802 -> xxx.yyy.255.244:139 SYN ******S*
May 26 20:40:36 217.224.95.195:3803 -> xxx.yyy.255.245:139 SYN ******S*
May 26 20:40:36 217.224.95.195:3804 -> xxx.yyy.255.246:139 SYN ******S*
May 26 20:40:36 217.224.95.195:3812 -> xxx.yyy.255.254:139 SYN ******S*
12801

May 26 17:37:51 65.113.49.164:1215 -> xxx.yyy.1.0:445 SYN ******S*
May 26 17:37:51 65.113.49.164:1216 -> xxx.yyy.1.1:445 SYN ******S*
May 26 17:37:51 65.113.49.164:1217 -> xxx.yyy.1.2:445 SYN ******S*
May 26 17:37:51 65.113.49.164:1218 -> xxx.yyy.1.3:445 SYN ******S*
May 26 17:37:51 65.113.49.164:1219 -> xxx.yyy.1.4:445 SYN ******S*
May 26 17:37:51 65.113.49.164:1220 -> xxx.yyy.1.5:445 SYN ******S*
May 26 17:37:51 65.113.49.164:1222 -> xxx.yyy.1.7:445 SYN ******S*
May 26 17:37:49 65.113.49.164:1223 -> xxx.yyy.1.8:445 SYN ******S*
[...]
May 26 17:50:39 65.113.49.164:1779 -> xxx.yyy.32.245:445 SYN ******S*
May 26 17:50:39 65.113.49.164:1774 -> xxx.yyy.32.240:445 SYN ******S*
May 26 17:50:40 65.113.49.164:1784 -> xxx.yyy.32.250:445 SYN ******S*
May 26 17:50:40 65.113.49.164:1789 -> xxx.yyy.32.255:445 SYN ******S*
May 26 17:50:40 65.113.49.164:1788 -> xxx.yyy.32.254:445 SYN ******S*
May 26 17:50:40 65.113.49.164:1786 -> xxx.yyy.32.252:445 SYN ******S*
May 26 17:50:40 65.113.49.164:1785 -> xxx.yyy.32.251:445 SYN ******S*
May 26 17:50:40 65.113.49.164:1783 -> xxx.yyy.32.249:445 SYN ******S*
May 26 17:50:40 65.113.49.164:1787 -> xxx.yyy.32.253:445 SYN ******S*
8419

May 26 06:48:08 82.36.41.56:2234 -> xxx.yyy.1.0:1433 SYN ******S*
May 26 06:48:08 82.36.41.56:2235 -> xxx.yyy.1.1:1433 SYN ******S*
May 26 06:48:08 82.36.41.56:2239 -> xxx.yyy.1.2:1433 SYN ******S*
May 26 06:48:08 82.36.41.56:2242 -> xxx.yyy.1.3:1433 SYN ******S*
May 26 06:48:09 82.36.41.56:2251 -> xxx.yyy.1.4:1433 SYN ******S*
May 26 06:48:09 82.36.41.56:2254 -> xxx.yyy.1.5:1433 SYN ******S*
May 26 06:48:09 82.36.41.56:2262 -> xxx.yyy.1.6:1433 SYN ******S*
May 26 06:48:09 82.36.41.56:2264 -> xxx.yyy.1.7:1433 SYN ******S*
[...]
May 26 07:33:04 82.36.41.56:1533 -> xxx.yyy.20.247:1433 SYN ******S*
May 26 07:33:04 82.36.41.56:1536 -> xxx.yyy.20.248:1433 SYN ******S*
May 26 07:33:05 82.36.41.56:1543 -> xxx.yyy.20.249:1433 SYN ******S*
May 26 07:33:05 82.36.41.56:1547 -> xxx.yyy.20.250:1433 SYN ******S*
May 26 07:33:05 82.36.41.56:1554 -> xxx.yyy.20.251:1433 SYN ******S*
May 26 07:33:07 82.36.41.56:1584 -> xxx.yyy.20.252:1433 SYN ******S*
May 26 07:33:07 82.36.41.56:1597 -> xxx.yyy.20.253:1433 SYN ******S*
May 26 07:33:08 82.36.41.56:1619 -> xxx.yyy.20.255:1433 SYN ******S*
6896

May 26 07:25:46 218.104.110.114:1390 -> xxx.yyy.153.98:2745 SYN ******S*
May 26 07:25:47 218.104.110.114:1392 -> xxx.yyy.153.98:1025 SYN ******S*
May 26 07:25:50 218.104.110.114:2790 -> xxx.yyy.252.2:2745 SYN ******S*
May 26 07:25:50 218.104.110.114:2792 -> xxx.yyy.252.2:1025 SYN ******S*
May 26 07:25:51 218.104.110.114:2881 -> xxx.yyy.67.223:2745 SYN ******S*
May 26 07:25:51 218.104.110.114:2883 -> xxx.yyy.67.223:1025 SYN ******S*
May 26 07:25:53 218.104.110.114:3285 -> xxx.yyy.243.125:2745 SYN ******S*
May 26 07:25:53 218.104.110.114:3287 -> xxx.yyy.243.125:1025 SYN ******S*
[...]
May 26 11:25:32 218.104.110.114:4307 -> xxx.yyy.199.186:6129 SYN ******S*
May 26 11:25:32 218.104.110.114:4309 -> xxx.yyy.199.186:139 SYN ******S*
May 26 11:25:32 218.104.110.114:4311 -> xxx.yyy.199.186:80 SYN ******S*
May 26 11:25:38 218.104.110.114:4307 -> xxx.yyy.199.186:6129 SYN ******S*
May 26 11:25:38 218.104.110.114:4311 -> xxx.yyy.199.186:80 SYN ******S*
May 26 11:25:38 218.104.110.114:4305 -> xxx.yyy.199.186:3127 SYN ******S*
May 26 11:25:38 218.104.110.114:4309 -> xxx.yyy.199.186:139 SYN ******S*
May 26 11:25:38 218.104.110.114:4303 -> xxx.yyy.199.186:1025 SYN ******S*
May 26 11:25:38 218.104.110.114:4295 -> xxx.yyy.199.186:2745 SYN ******S*
6609

May 26 00:12:34 202.108.87.126:54416 -> xxx.yyy.161.16:2745 SYN ******S*
May 26 00:12:34 202.108.87.126:54418 -> xxx.yyy.161.16:1025 SYN ******S*
May 26 00:12:34 202.108.87.126:54419 -> xxx.yyy.161.16:445 SYN ******S*
May 26 00:12:34 202.108.87.126:54420 -> xxx.yyy.161.16:3127 SYN ******S*
May 26 00:12:34 202.108.87.126:54421 -> xxx.yyy.161.16:6129 SYN ******S*
May 26 00:12:34 202.108.87.126:54422 -> xxx.yyy.161.16:139 SYN ******S*
May 26 00:12:41 202.108.87.126:54418 -> xxx.yyy.161.16:1025 SYN ******S*
May 26 00:12:41 202.108.87.126:54419 -> xxx.yyy.161.16:445 SYN ******S*
[...]
May 26 11:19:58 202.108.87.126:35260 -> xxx.yyy.1.48:139 SYN ******S*
May 26 11:19:58 202.108.87.126:64454 -> xxx.yyy.1.48:80 SYN ******S*
May 26 11:20:04 202.108.87.126:43752 -> xxx.yyy.1.48:6129 SYN ******S*
May 26 11:20:04 202.108.87.126:64454 -> xxx.yyy.1.48:80 SYN ******S*
May 26 11:20:04 202.108.87.126:36930 -> xxx.yyy.1.48:3127 SYN ******S*
May 26 11:20:04 202.108.87.126:35387 -> xxx.yyy.1.48:1025 SYN ******S*
May 26 11:20:04 202.108.87.126:35384 -> xxx.yyy.1.48:2745 SYN ******S*
May 26 11:20:04 202.108.87.126:36929 -> xxx.yyy.1.48:445 SYN ******S*
May 26 11:20:04 202.108.87.126:35260 -> xxx.yyy.1.48:139 SYN ******S*
6330

May 26 07:25:49 218.2.39.164:1737 -> xxx.yyy.223.41:2745 SYN ******S*
May 26 07:25:52 218.2.39.164:1739 -> xxx.yyy.223.41:1025 SYN ******S*
May 26 07:25:49 218.2.39.164:1741 -> xxx.yyy.223.41:3127 SYN ******S*
May 26 07:25:52 218.2.39.164:1742 -> xxx.yyy.223.41:6129 SYN ******S*
May 26 07:25:50 218.2.39.164:1941 -> xxx.yyy.90.217:2745 SYN ******S*
May 26 07:25:53 218.2.39.164:1950 -> xxx.yyy.90.217:3127 SYN ******S*
May 26 07:25:53 218.2.39.164:1952 -> xxx.yyy.90.217:6129 SYN ******S*
May 26 07:25:53 218.2.39.164:1219 -> xxx.yyy.214.120:2745 SYN ******S*
[...]
May 26 17:31:22 218.2.39.164:1361 -> xxx.yyy.147.91:1025 SYN ******S*
May 26 17:31:22 218.2.39.164:1363 -> xxx.yyy.147.91:3127 SYN ******S*
May 26 17:31:22 218.2.39.164:1364 -> xxx.yyy.147.91:6129 SYN ******S*
May 26 17:31:23 218.2.39.164:1366 -> xxx.yyy.147.91:80 SYN ******S*
May 26 17:31:28 218.2.39.164:1361 -> xxx.yyy.147.91:1025 SYN ******S*
May 26 17:31:28 218.2.39.164:1364 -> xxx.yyy.147.91:6129 SYN ******S*
May 26 17:31:28 218.2.39.164:1359 -> xxx.yyy.147.91:2745 SYN ******S*
May 26 17:31:28 218.2.39.164:1363 -> xxx.yyy.147.91:3127 SYN ******S*
May 26 17:31:29 218.2.39.164:1366 -> xxx.yyy.147.91:80 SYN ******S*
6108

May 26 07:25:47 218.1.66.189:53910 -> xxx.yyy.94.138:2745 SYN ******S*
May 26 07:25:50 218.1.66.189:1742 -> xxx.yyy.94.138:6129 SYN ******S*
May 26 07:25:47 218.1.66.189:52166 -> xxx.yyy.94.138:80 SYN ******S*
May 26 07:25:50 218.1.66.189:54184 -> xxx.yyy.94.138:1025 SYN ******S*
May 26 07:25:53 218.1.66.189:56827 -> xxx.yyy.182.74:2745 SYN ******S*
May 26 07:25:53 218.1.66.189:53914 -> xxx.yyy.182.74:1025 SYN ******S*
May 26 07:25:52 218.1.66.189:53895 -> xxx.yyy.168.158:2745 SYN ******S*
May 26 07:25:52 218.1.66.189:52774 -> xxx.yyy.20.118:2745 SYN ******S*
[...]
May 26 09:24:35 218.1.66.189:14565 -> xxx.yyy.82.144:80 SYN ******S*
May 26 09:24:35 218.1.66.189:29689 -> xxx.yyy.82.144:2745 SYN ******S*
May 26 10:00:03 218.1.66.189:63483 -> xxx.yyy.14.91:2745 SYN ******S*
May 26 10:00:03 218.1.66.189:44734 -> xxx.yyy.14.91:6129 SYN ******S*
May 26 10:00:03 218.1.66.189:53555 -> xxx.yyy.14.91:80 SYN ******S*
May 26 10:00:03 218.1.66.189:9666 -> xxx.yyy.14.91:1025 SYN ******S*
May 26 10:00:03 218.1.66.189:5878 -> xxx.yyy.185.231:2745 SYN ******S*
May 26 10:00:10 218.1.66.189:53555 -> xxx.yyy.14.91:80 SYN ******S*
May 26 10:00:12 218.1.66.189:5878 -> xxx.yyy.185.231:2745 SYN ******S*
4455

May 26 07:25:49 219.146.181.241:19565 -> xxx.yyy.193.45:1025 SYN ******S*
May 26 07:25:52 219.146.181.241:28279 -> xxx.yyy.193.45:139 SYN ******S*
May 26 07:25:51 219.146.181.241:20731 -> xxx.yyy.211.192:3127 SYN ******S*
May 26 07:25:55 219.146.181.241:28979 -> xxx.yyy.141.164:2745 SYN ******S*
May 26 07:25:52 219.146.181.241:38948 -> xxx.yyy.156.254:1025 SYN ******S*
May 26 07:25:52 219.146.181.241:39389 -> xxx.yyy.194.195:2745 SYN ******S*
May 26 07:25:53 219.146.181.241:31140 -> xxx.yyy.154.138:3127 SYN ******S*
May 26 07:25:54 219.146.181.241:46424 -> xxx.yyy.65.233:2745 SYN ******S*
[...]
May 26 09:05:57 219.146.181.241:26887 -> xxx.yyy.138.108:3127 SYN ******S*
May 26 09:06:01 219.146.181.241:20394 -> xxx.yyy.194.49:2745 SYN ******S*
May 26 09:06:01 219.146.181.241:24979 -> xxx.yyy.194.49:6129 SYN ******S*
May 26 09:10:41 219.146.181.241:27682 -> xxx.yyy.204.112:6129 SYN ******S*
May 26 09:10:42 219.146.181.241:24372 -> xxx.yyy.88.21:6129 SYN ******S*
May 26 09:10:44 219.146.181.241:47190 -> xxx.yyy.230.62:1025 SYN ******S*
May 26 09:10:44 219.146.181.241:23865 -> xxx.yyy.230.62:3127 SYN ******S*
May 26 09:10:44 219.146.181.241:26693 -> xxx.yyy.230.62:139 SYN ******S*
4059

May 26 07:25:48 218.104.207.10:27764 -> xxx.yyy.144.151:2745 SYN ******S*
May 26 07:25:49 218.104.207.10:28084 -> xxx.yyy.188.252:2745 SYN ******S*
May 26 07:25:48 218.104.207.10:27759 -> xxx.yyy.238.110:2745 SYN ******S*
May 26 07:25:51 218.104.207.10:13840 -> xxx.yyy.203.172:2745 SYN ******S*
May 26 07:25:52 218.104.207.10:28588 -> xxx.yyy.143.122:2745 SYN ******S*
May 26 07:25:52 218.104.207.10:28589 -> xxx.yyy.143.122:3127 SYN ******S*
May 26 07:25:52 218.104.207.10:14000 -> xxx.yyy.143.122:6129 SYN ******S*
May 26 07:25:52 218.104.207.10:28590 -> xxx.yyy.143.122:80 SYN ******S*
[...]
May 26 10:24:37 218.104.207.10:22361 -> xxx.yyy.90.137:1025 SYN ******S*
May 26 10:24:37 218.104.207.10:22362 -> xxx.yyy.90.137:3127 SYN ******S*
May 26 10:24:37 218.104.207.10:22363 -> xxx.yyy.90.137:6129 SYN ******S*
May 26 10:24:37 218.104.207.10:22364 -> xxx.yyy.90.137:80 SYN ******S*
May 26 10:24:43 218.104.207.10:22361 -> xxx.yyy.90.137:1025 SYN ******S*
May 26 10:24:43 218.104.207.10:22363 -> xxx.yyy.90.137:6129 SYN ******S*
May 26 10:24:43 218.104.207.10:22364 -> xxx.yyy.90.137:80 SYN ******S*
May 26 10:24:43 218.104.207.10:20763 -> xxx.yyy.90.137:2745 SYN ******S*
May 26 10:24:43 218.104.207.10:22362 -> xxx.yyy.90.137:3127 SYN ******S*
4042

May 26 07:25:48 219.146.181.243:41221 -> xxx.yyy.89.160:2745 SYN ******S*
May 26 07:25:48 219.146.181.243:27154 -> xxx.yyy.89.160:6129 SYN ******S*
May 26 07:25:48 219.146.181.243:46872 -> xxx.yyy.80.179:3127 SYN ******S*
May 26 07:25:45 219.146.181.243:23846 -> xxx.yyy.80.179:80 SYN ******S*
May 26 07:25:47 219.146.181.243:42417 -> xxx.yyy.169.81:2745 SYN ******S*
May 26 07:25:47 219.146.181.243:38994 -> xxx.yyy.169.81:1025 SYN ******S*
May 26 07:25:48 219.146.181.243:43454 -> xxx.yyy.243.186:2745 SYN ******S*
May 26 07:25:49 219.146.181.243:45133 -> xxx.yyy.254.252:1025 SYN ******S*
[...]
May 26 12:56:56 219.146.181.243:42208 -> xxx.yyy.185.242:1025 SYN ******S*
May 26 12:56:56 219.146.181.243:24676 -> xxx.yyy.185.242:2745 SYN ******S*
May 26 12:59:00 219.146.181.243:35856 -> xxx.yyy.166.158:2745 SYN ******S*
May 26 12:59:00 219.146.181.243:27181 -> xxx.yyy.166.158:1025 SYN ******S*
May 26 12:59:00 219.146.181.243:21669 -> xxx.yyy.166.158:3127 SYN ******S*
May 26 12:59:00 219.146.181.243:29484 -> xxx.yyy.166.158:6129 SYN ******S*
May 26 12:59:00 219.146.181.243:37604 -> xxx.yyy.166.158:139 SYN ******S*
May 26 12:59:00 219.146.181.243:30242 -> xxx.yyy.166.158:80 SYN ******S*
4021

May 26 07:25:51 219.146.181.246:19025 -> xxx.yyy.225.255:3127 SYN ******S*
May 26 07:25:54 219.146.181.246:18019 -> xxx.yyy.214.244:2745 SYN ******S*
May 26 07:25:52 219.146.181.246:20818 -> xxx.yyy.80.13:2745 SYN ******S*
May 26 07:25:55 219.146.181.246:17576 -> xxx.yyy.80.13:3127 SYN ******S*
May 26 07:25:55 219.146.181.246:42533 -> xxx.yyy.80.13:6129 SYN ******S*
May 26 07:25:53 219.146.181.246:43076 -> xxx.yyy.167.94:1025 SYN ******S*
May 26 07:25:53 219.146.181.246:49073 -> xxx.yyy.193.100:2745 SYN ******S*
May 26 07:25:53 219.146.181.246:43318 -> xxx.yyy.223.156:6129 SYN ******S*
[...]
May 26 12:24:17 219.146.181.246:31915 -> xxx.yyy.226.146:139 SYN ******S*
May 26 12:24:17 219.146.181.246:39894 -> xxx.yyy.226.146:80 SYN ******S*
May 26 12:24:17 219.146.181.246:47037 -> xxx.yyy.226.146:3127 SYN ******S*
May 26 12:24:17 219.146.181.246:34513 -> xxx.yyy.226.146:2745 SYN ******S*
May 26 12:24:23 219.146.181.246:44030 -> xxx.yyy.226.146:1025 SYN ******S*
May 26 12:24:23 219.146.181.246:34513 -> xxx.yyy.226.146:2745 SYN ******S*
May 26 12:24:23 219.146.181.246:20389 -> xxx.yyy.226.146:6129 SYN ******S*
May 26 12:24:23 219.146.181.246:39894 -> xxx.yyy.226.146:80 SYN ******S*
3891

--
- Ken
===========================================================================
Ken Connelly (KC152) Systems and Operations Manager, ITS - Network Services
University of Northern Iowa Cedar Falls, IA 50614-0121
email: Ken.Connelly@xxxxxxx phone: (319) 273-5850 fax: (319) 273-7373
_______________________________________________
Intrusions mailing list
Intrusions@xxxxxxxxxxxxxx
http://www.dshield.org/mailman/listinfo/intrusions
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re:LOGS:GCIA GCIA Version 3.5 Practical Detect Coen Bakkers: 00085, Kam Ng
Next by Date:  "LOGS: GIAC GCIA Version 3.4 Practical Detect Tuong Dam".: 00085, Tuong Dam
Previous by Thread:  [LOGS] Summary of large-scale portscanning detectsi: 00085, Ken . Connelly
Next by Thread:  Re: [LOGS] Summary of large-scale portscanning detects: 00085, Communications Router 2
Indexes:  [Date] [Thread] [Top] [All Lists]

Google Custom Search
News | FAQ | advertise