Well, whatever was going on, there were 5 outside connections within 40 minutes from ip's in net blocks belonging to Turkey, Kuwait, Belgium, Canada, and one US isp. That in itself seems pretty bizarre. I'll take a look at Citadel/UX to see what that's about.
Thanks for your info. F. Mike Burger wrote: > > There are legitimate uses for port 2000. > > In my case, it's for a middleware program called Webcit. Webcit is a > mini-web server of sorts, which is used to connect to Citadel/UX BBS > systems. > > Before killing the user, make sure nobody was running a Citadel/UX system > and/or Webcit, first. <G> > > On Mon, 11 Feb 2002, Fred Herman wrote: > > > I have suddenly seen connection attempts to port 2000 (TCP) from outside > > a NAT box on a network I support. The disturbing thing is that I also > > saw a connection attempt from the other (Local) side of the NAT box in > > the middle of these attempts. > > > > I searched security advisories, but didn't see anything for this port. > > Anyone have a clue? I'd like to have some idea what this is about > > before I confront the owner of the PC on my local network from which the > > attempt also came. > > > > Thank you > > > > Fred > > > > _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
