Yeah,
They're looking for Windows machines on your network that have been
infected with and are running Netbus server. It happens to me all the
time...that's why I have a firewall.
-- Joe
At 08:22 AM 4/8/99 -0400, Evan Brastow wrote:
>Looking at my firewall logs from last night, I noticed something I hadn't
>seen before. An address (ri-1tnt105.efortress.com) essentially tried to get
>through to my entire IP range (sequentially) - every computer on it. The
>service was listed as 12345 and the port as 11111. Protocol was TCP. My
>firewall dropped all of these packets, but nonetheless, that's scary. Was
>this some kind of probe?
>
>Thanks muchly,
>
>Evan
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
