Home page logo
/

pauldotcom logo PaulDotCom mailing list archives

TCP protocol decimal type 210
From: jim.halfpenny at gmail.com (Jim Halfpenny)
Date: Mon, 22 Jun 2009 09:56:59 +0100

Hi,
First things that spring to mind are DDoS traffic, warez traffic or a
malware back channel. Have you done any analysis on the packet contents
other than the protocol number?

Jim

According

2009/6/22 Dale Stirling <dale at puredistortion.com>

Hi All,

I have a box that is routinely using in excess of 4GB a day in traffic in
from the internet.

I have identified that the traffic is coming to the box via an IP Protocol
number I have never seen before: 210.

I have done some searching on the Internet and have only been able to find
that this number is in the unassigned block of protocol numbers with IANA. I
am stuck so I thought I would through it out to the smartest group of people
I know the PDC Mailing (I heard flatery works well) list to see if any one
has seen this before.

Cheers,
Dale

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090622/2bb29a2c/attachment.htm 


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault