> ?? What/why would a socks proxy port port be probed ??
Socks is a network proxy protocol used to provide NAT access for one section
of a network to another. It is possible that the machine from which the
packets came is hitting you or everyone (I haven't seen your packet log
entry, so I can't decipher it) in an attempt to detect its proxy.
This probably indicates a mis-configured machine on your segment of your
ISP's network, or that is less than a certain number of hops distance from
your machine so that the packets do not time out before getting to you.
Socks and DNS, even DHCP hits on your machine usually don't pose a threat at
all. It's just that someone seems not to know what they're doing--most often
on Windows machines. Check to see (or include the packet log entry) that the
destination is 255.255.255.255, or "broadcast". If this is so, then it's
definitely not an attack. If otherwise, I would guess it's a
mis-configuration.
--Greg
----- Original Message -----
From: "John Rye" <[EMAIL PROTECTED]>
>
> I'm well protected.. using ipchains, I already have your suggestion
> setup.
>
> It was more a question of whether one should attempt to 'deal to' the
> offender.
>
> I used to be continually probed when I used ICQ and Jammer on that
> other opsys, and had some good results by attacking the source-site
> owner, but those were not of this type.
>
> ?? What/why would a socks proxy port port be probed ??
>
> Suggestions and further discussion might be useful to other list
> members.
>
> Cheers
>
> --
______________________________________________________________________________
Vous avez un site perso ?
2 millions de francs à gagner sur i(france) !
Webmasters : ZE CONCOURS ! http://www.ifrance.com/_reloc/concours.emailif
