This IP 212.56.68.108 has been attempting to contact Port 161 UDP for Months.
No when I try and run a NMAP scan against the box, I get my own logs filled
with the NMAP Scan. It is like 212.56.68.108 is mirroring to my IP Space.
And I dont Understand why!
The connecting IP is in my ISP range, however it has no rDNS which the ISP
would do according to their technical support. It maps back to
hugeglobal.net
I'm not entirely sure it is a customer's machine, even though it is within
the ISP IP range. It's rDNS shows it is
hugeglobal.net.
The odd thing to me, is if one does a lookup on hugeglobal.net one gets
82.103.128.2 and the rDNS of that is
e82-103-128-2s.easyspeedy.com
Not one of the local ISP I am using.
Telnetting to the IP gives this:
Telnet 212.56.68.108 connects giving...
_ _ _
___ | |_ _ __ _ __ ___ __ _ _ ()_ __ ___ __| |
/ _ \| __| '_ \ | '__/ _ \/ _` | | | | | '__/ _ \/ _` |
| (_) | |_| |_) | | | | __/ (_| | |_| | | | | __/ (_| |
\___/ \__| .__/ |_| \___|\__, |\__,_|_|_| \___|\__,_|
|_| |_|
If you do not have a CMN registered OTP device you
will not be able to login.
OTP USERS: THIS CONNECTION IS NOT ENCRYPTED, BE SMART
larabee login:
Any one got any ideas?
--
Mike
To see the world in a grain of sand,
and to see heaven in a wild flower,
hold infinity in the palm of your hands,
and eternity in an hour.
GnuGPG KeyID:=FC0D8D9A
pgpcEsauQbqhU.pgp
Description: PGP signature
