We have been having the same problem. The source port is some well know service like telnet or http and the destination port is 1092 in our case. The ACK and RST bits are set as if it is an attempt to break into an already existing TCP session. Do you have a log of the source IP numbers to share to help track down culprit? - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
- re: breakin attempt on port 1124 ? Bill_Royds
- re: breakin attempt on port 1124 ? Nick Simicich
