|
Posted by !:?) on July 30, 2005, 12:16 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Hello,
I've been getting a number of hits on Port 80 from AOL Servers and
Proxies even without a Browser open.
Since they are not tied to an App Rule they are Blocked and they hit
some other Ports too, sometimes as high as 60,000.
Why are they Banging my Http Ports (80 and 1080) and ramdom Ports from
5000-80,000????
Since I'm Dial-up I'm not the Target but this IP Block must be.
The one's between 5000-60,000 are rare and I don't worry about them but
it seems they are AOL Servers or Proxie Servers most of the time and not
Users.
And I'm not talking about when I first go online with Dial-up where
someone else could have had the IP and I'm getting their Returns.
This example is not from a server but I had cleared my Log yesterday
after some Security Scans to check my Firewall so it's all I have right now.
Rule "Default Block HTTP Port 80" blocked (compaq,http). Details:
Inbound TCP connection
Local address,service is (compaq,http)
Remote address,service is (172.165.17.222,2122)
Process name is "N/A"
In Local Address; compaq is another way this computer lists localhost,
127.0.0.1.
|
|
Posted by N. Miller on July 30, 2005, 1:38 pm
If you were Registered and logged in, you could reply and use other advanced thread options
On Sat, 30 Jul 2005 12:16:27 -0400, !:?) wrote:
> This example is not from a server but I had cleared my Log yesterday
> after some Security Scans to check my Firewall so it's all I have right now.
Don't clear your logs if you are using the information they contain as the
basis of a question, or complaint.
--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint
|
| Similar Threads | Posted | | Re: There is Evidence Terrorists are Probing our Computer Systems | June 17, 2006, 1:00 pm |
| There is Evidence Terrorists are Probing our Computer Systems | June 15, 2006, 6:45 am |
| DNS appliances vs servers | March 21, 2006, 5:20 pm |
| Monitoring Servers | July 7, 2006, 12:36 pm |
| "Reverse" proxy available. Any need to put web servers in DMZ ? | June 16, 2005, 2:43 pm |
| Learning about Certificate servers | January 19, 2006, 4:47 pm |
| Are all VPN Clients compatible to all VPN servers ? | May 4, 2006, 3:27 pm |
| How to setup SSL LDAP between servers? | July 12, 2006, 1:38 pm |
| How to inform I have (2) CA servers for redundancy | January 23, 2007, 11:35 am |
| block Proxy servers | April 27, 2007, 9:48 am |
|
XML site map