Bill Fox wrote:
>
> Somebody posted about 'Squid', the web-cache server, which caught my
> attention. On a firewalls-related note, does anyone have any idea what tool
> is used for all these probes to port 3128 (Squid) that have been going on
> for the last month or so?? They're really just an aggravation at my sites,
> but I'm still curious as to why they continue, and why they're originating
> from so many sources? Is someone handing out a script on the IRC's, or
> what? I get an average of about 20 of these probes a day lately, all
> consisting of exactly 4 TCP connect attempts (each) to ports 80, 8080, and
> 3128.
>
No idea why they happen, but I just keep reporting these
"abuses" to their upstream ISP admins until they stop. I
have gotten a ton of these probes myself starting back
last April, so I definately feel your pain. :(
I get the network information from:
http://mjhb.marina-del-rey.ca.us/cgi-bin/ipw.pl
and sometimes a good traceroute ...
For other countries, they often don't have the abuse@*
email to report these probes, so you have to stick with
postmaster.
-- Joshua
_________________________________________________________________
Joshua Chamas Chamas Enterprises Inc.
NODEWORKS >> free web link monitoring Huntington Beach, CA USA
http://www.nodeworks.com 1-562-683-2142
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
