On Tue, 23 May 2000, Denis Ducamp wrote:
> On Mon, May 22, 2000 at 08:25:19AM -0500, Lance Spitzner wrote:
> > Recently my network was scanned. I do not think
> > this was nmap. If not, does anyone have any
> > idea which tools this was?
>
> I have no idea which "scanner" it is but I couldn't use such paquets to scan
> a host. Tried against linux 2.2.13 and WinNT4SP5 but none of them replied. I
> don't think that it's a port scanner.
>
Ditto- when I first saw this post I whipped up a portscanner that would
yield the exact same signature. It doesn't seem to elicit any response,
to closed or open ports. Tried against windows, linux, solaris,
openbsd, routers... I didn't expect a response, but then, now I've
verified it. Looks like netjunk, someone messing around? :)
05/22-22:58:26.575900 xxx.xxx.xxx.xxx:31337 -> xxx.xxx.xxx.xxx:23
TCP TTL:64 TOS:0x10 ID:242 DF
***FRP** Seq: 0xA1D95 Ack: 0x53 Win: 0x400
Max
Received on May 22 2000
Intro
