Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Do I need to worry about this?



On Sun, 16 Jul 2000, Bill Horne wrote:
> From my messages file on my firewall:
> 
> Jul 16 21:05:26 server kernel: Packet log: input REJECT ppp0 
> PROTO=17 200.210.110.18:31338 \
> 32.101.212.18:31337 L=47 S=0x00 I=38386 F=0x0000 T=111
> 
> The 32... address is my IBM network dialup.  This looks like 
> NetBios/Back Orifice.  IIRC, they use those ports, but my 
> memory's hazy.

31337 is the BO port. Maybe write to abuse at tecsat.com.br or do a whois and see who is responsible for those
addresses.  It's harmless to UNIX ( unless you are runnng a BO port ;-) and you did reject it.  

I get scanned for these and others frequently.  They are all rejected by hte FW.

> The IP goes to stc18.tecsat.com.br, which is probably an owned 
> machine.  Who do I tell about it?
> 
> TIA.
> 
> Bill Horne
> -

-- 
 .david
 David Lapointe
There are two priorities: what you're doing right now, and everything else. Change
what you are doing based on intuitive surrender to the part of you that knows best.
David Allen
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org