Security Incidents: Re: What is this guy doing?

Re: What is this guy doing?

From: Sebastien Reister <sebastien.reister_at_ESOLUTIONCENTER.NET>
Date: Thu, 8 Jun 2000 11:11:15 +0200

Hello,

Port 2301 is used by the Compaq Web Administration tools.
I think this computer is trying to find another computer with the Compaq Web
Admin tools.

Josh Burroughs wrote:
>
> I've seen this pattern showing up in my logs for the past few days, what
> the hell is this guy trying to do?
> Jun 5 16:52:11 discworld kernel: Packet log: input DENY eth0 PROTO=17
> 24.237.48.54:2301 255.255.255.255:2301 L=40 S=0x00 I=56747 F=0x0000 T=128
> (#5)
> Jun 5 16:53:11 discworld kernel: Packet log: input DENY eth0 PROTO=17
> 24.237.48.54:2301 255.255.255.255:2301 L=40 S=0x00 I=5292 F=0x0000 T=128
> (#5)
> Jun 5 16:54:11 discworld kernel: Packet log: input DENY eth0 PROTO=17
> 24.237.48.54:2301 255.255.255.255:2301 L=40 S=0x00 I=18348 F=0x0000 T=128
> (#5)
> Jun 5 16:55:11 discworld kernel: Packet log: input DENY eth0 PROTO=17
> 24.237.48.54:2301 255.255.255.255:2301 L=40 S=0x00 I=32172 F=0x0000 T=128
> (#5)
> Jun 5 16:56:11 discworld kernel: Packet log: input DENY eth0 PROTO=17
> 24.237.48.54:2301 255.255.255.255:2301 L=40 S=0x00 I=45228 F=0x0000 T=128
> (#5)
> Jun 5 16:57:11 discworld kernel: Packet log: input DENY eth0 PROTO=17
> 24.237.48.54:2301 255.255.255.255:2301 L=40 S=0x00 I=59052 F=0x0000 T=128
> (#5)
> Jun 5 16:58:11 discworld kernel: Packet log: input DENY eth0 PROTO=17
> 24.237.48.54:2301 255.255.255.255:2301 L=40 S=0x00 I=6573 F=0x0000 T=128
> (#5)
> Jun 5 16:59:11 discworld kernel: Packet log: input DENY eth0 PROTO=17
> 24.237.48.54:2301 255.255.255.255:2301 L=40 S=0x00 I=20397 F=0x0000 T=128
> (#5)
>
> This is a snippet from the logs of my NAT/firewall at home, I am sitting
> on a cable modem network and this IP does belong to another cable
> modem user, and I have emailed abuse@ with a snippet from my logs, I'm
> just really curious if anyone knows what's going on? Is this a
> misconfigured box or a deliberate probe of some kind?
> Thanks.
>
> "The only difference between me and a madman is that I am not mad."
> - Salvador Dali
>
> Josh Burroughs
Received on Jun 08 2000
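
Added example, not part of the original post or thread: a parser for the ipchains `Packet log:` lines quoted above that groups them per flow and reports the traits visible in this log (limited-broadcast destination, source port equal to destination port, fixed spacing between packets). The function names, the year default of 2000 and the 2-second jitter tolerance are assumptions; the sample is three entries from the post rejoined onto single lines.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import pstdev

# Constructed sample: three entries from the post, each rejoined onto one line.
SAMPLE = """\
Jun 5 16:52:11 discworld kernel: Packet log: input DENY eth0 PROTO=17 24.237.48.54:2301 255.255.255.255:2301 L=40 S=0x00 I=56747 F=0x0000 T=128 (#5)
Jun 5 16:53:11 discworld kernel: Packet log: input DENY eth0 PROTO=17 24.237.48.54:2301 255.255.255.255:2301 L=40 S=0x00 I=5292 F=0x0000 T=128 (#5)
Jun 5 16:54:11 discworld kernel: Packet log: input DENY eth0 PROTO=17 24.237.48.54:2301 255.255.255.255:2301 L=40 S=0x00 I=18348 F=0x0000 T=128 (#5)
"""

LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+[\d:]{8})\s+(?P<host>\S+)\s+kernel:\s+Packet log:\s+"
    r"(?P<chain>\S+)\s+(?P<target>\S+)\s+(?P<iface>\S+)\s+PROTO=(?P<proto>\d+)\s+"
    r"(?P<src>[\d.]+):(?P<sport>\d+)\s+(?P<dst>[\d.]+):(?P<dport>\d+)\s+"
    r"L=(?P<len>\d+)\s+S=\S+\s+I=(?P<ipid>\d+)\s+F=\S+\s+T=(?P<ttl>\d+)"
)

def parse(text, year=2000):
    """Yield one dict per ipchains log line; syslog omits the year (assumed)."""
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            rec = m.groupdict()
            rec["time"] = datetime.strptime(f"{year} {rec['ts']}", "%Y %b %d %H:%M:%S")
            yield rec

def summarize(records, jitter=2.0):
    """Group by (src, dst, proto, dport) and describe each flow."""
    flows = defaultdict(list)
    for r in records:
        flows[(r["src"], r["dst"], r["proto"], r["dport"])].append(r)
    out = []
    for (src, dst, proto, dport), recs in flows.items():
        times = sorted(r["time"] for r in recs)
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        # Periodic: at least two gaps whose spread stays within the tolerance.
        periodic = len(gaps) >= 2 and pstdev(gaps) <= jitter
        out.append({
            "src": src, "dst": dst, "proto": int(proto), "dport": int(dport),
            "count": len(recs),
            "period_s": sum(gaps) / len(gaps) if periodic else None,
            "broadcast": dst == "255.255.255.255",
            "same_port": all(r["sport"] == r["dport"] for r in recs),
        })
    return out

if __name__ == "__main__":
    for flow in summarize(parse(SAMPLE)):
        print(flow)
```
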
