Hello and Good Day,
I sometimes see strange log entries in our firewall log. They always
come from a webserver and use source port HTTP. Because they use a range
of destination ports (services) it looks like a port scan. But I don't
think it's an attack, because when I connect to one of the sources with
a webbrowser I just get (part of) a webpage. So it seems to be a certain
behaviour of the HTTP protocol, interpreted from the firewall as a
connection from the outside. Who can explain this ?
Kind regards
Bernd
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
