|
Firewall Wizards
mailing list archives
Re: Is it "fishy"?
From: Rob Pickering <rob () pickering org>
Date: Wed, 05 Dec 2001 12:27:42 -0000
No more or less fishy than any other HTTP transaction.
It could be a legitimate long file up/download over HTTP. Of course it
could also be a non-legitimate up/download or something else being
tunnelled over HTTP.
Then again so could a "short" HTTP TCP connection.
--
Rob Pickering
On Tuesday, December 04, 2001 02:54:45 PM -0500 "C. K. Lung"
<clung () hotmail com> wrote:
The firewall log shows that a host (YMCA12) has been using http accessing
a web site over 2 hours. Is it a form of "attack" or it is normal. The
time is between 10:15 am till 12:30 pm.
Any comments are much appreciated.
Thanks,
clung
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
 By Date 
By Thread
Current thread:
- Is it "fishy"? C. K. Lung (Dec 04)
- Re: Is it "fishy"? Rob Pickering (Dec 05)
| 
Intro
