|
Security Incidents
mailing list archives
Re: Munged Napster Sessions
From: ifightspam () BIGFOOT COM (Aussie)
Date: Sat, 18 Mar 2000 03:57:32 +1100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Vanja Hrustic <vanja () RELAYGROUP COM> wrote:
A silly question: is any of sites involved located at *.demon.co.uk, by
any chance?
I think that quite many people these days are seeing false alarms caused
by traffic which comes from demon. Demon blames it on "network
equipment". For example, a guy (using demon.co.uk) is browsing my
website, and during that session, a packet is sent to random high port
(like 3xxxx). Packets are really strange; sometimes they have all bits
set, sometimes not.
I just got used to that :)
Actually, I have a couple of ICQ contacts that are connecting through
demon.co.uk and I get at least 2 odd connection attempts each time they
send to me or receive a message from me. These ports can be in 3xxxx or
right down to 20, 24, 90 etc. I've never worked out why they are
sending the packets, and ICQ works perfectly anyway, so I would be
interested to know why I'm getting stupid connection attempts ONLY from
this ISP.
Aussie
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60
Comment: Please verify this signature. http://www.pgpi.com
iQA/AwUBONHXXJZb9oayhFBBEQL+0wCaA6ww/3KS2gUxvl9vAuGxVQH8L7kAoKjz
X+wLUbZPxNc9MI7wOedc1Zub
=yjSJ
-----END PGP SIGNATURE-----
 By Date 
By Thread
Current thread:
|
Intro
