[gentoo-user] 161 UDP Constant Connections

2005-07-08 Thread Michael Thompson
This IP 212.56.68.108 has been attempting to contact Port 161 UDP for Months. Now when I try and run a NMAP scan against the box, I get my own logs filled with the NMAP Scan. It is like 212.56.68.108 is mirroring to my IP Space. And I don't understand why! The connecting IP is in my ISP range, howe

Re: [gentoo-user] 161 UDP Constant Connections

2005-07-08 Thread Tim Igoe
Michael Thompson wrote: > This IP 212.56.68.108 has been attempting to contact Port 161 UDP for > Months. Are you running SNMP on your box? Port 161 is SNMP, if you have it open to the outside world, could it be collecting data - hence often connections? > > Now when I try and run a NMAP scan a

Re: [gentoo-user] 161 UDP Constant Connections

2005-07-08 Thread Michael Thompson
On Friday 08 July 2005 15:32, Tim Igoe wrote: > Michael Thompson wrote: > > This IP 212.56.68.108 has been attempting to contact Port 161 UDP for > > Months. > > Are you running SNMP on your box? Port 161 is SNMP, if you have it open > to the outside world, could it be collecting data - hence often

Re: [gentoo-user] 161 UDP Constant Connections

2005-07-08 Thread Hans-Werner Hilse
Hi, On Fri, 8 Jul 2005 15:46:42 +0100 Michael Thompson <[EMAIL PROTECTED]> wrote: > > > Anyone got any ideas? > > > > you could just try blackholing the IP at your firewall, or as I've > > already mentioned - try and contact your ISP with all you know and see > > if they can shed any light on it

Re: [gentoo-user] 161 UDP Constant Connections

2005-07-08 Thread Michael Thompson
On Friday 08 July 2005 16:11, Hans-Werner Hilse wrote: > Well, two possibilities. > 1.) the packets are already mirrored at your own box > 2.) the packets are mirrored at the target box > > I guess it's #2, you can find out by tcptracing the wire. > > If I were to reproduce this behaviour of the re

Re: [gentoo-user] 161 UDP Constant Connections

2005-07-08 Thread Hans-Werner Hilse
Hi, On Fri, 8 Jul 2005 16:42:43 +0100 Michael Thompson <[EMAIL PROTECTED]> wrote: > Umm, quite possible. How about they have set their SNMP broadcast to a too > wide range, which includes the whole subnet? Yes, of course, I've mixed up two items you told, my fault. They're sending SNMP, and ye