Toon posts:

vanaf jullie netwerk een portscan??

Pagina: 1
Acties:
  • 65 views sinds 30-01-2008

maandag 7 april 2003 21:23

Acties:

Verwijderd

Topicstarter
Heeren,

ik ben niet zo gecharmeerd van jullie portscans die op mijn netwerk worden uitgevoerd vanaf jullie netwerk!!!

Hier ff een samenvatting:Mar 28 10:58:27 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:3239
Mar 28 11:03:12 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:3481
Mar 28 11:46:08 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:2633
Mar 28 11:54:28 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:2804
Mar 28 11:55:50 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:2861
Mar 28 11:56:39 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:2903
Mar 28 15:45:15 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:3118
Mar 28 16:03:19 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:3497
Mar 28 16:08:39 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 45 seconds {TCP} 145.94.196.123:3783
Mar 28 16:49:59 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 2 seconds {TCP} 145.94.196.123:1262
Mar 28 17:01:36 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:1551
Mar 28 17:15:58 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:1197
Mar 28 18:19:47 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:1717
Mar 28 19:53:43 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:4177
Mar 28 19:55:31 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:4278
Mar 28 20:13:31 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:4861
Mar 31 15:11:02 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:1347
Mar 31 15:12:29 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 0 seconds {TCP} 145.94.196.123:1436
Mar 31 15:14:43 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:1495
Mar 31 15:33:42 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:2531
Mar 31 15:36:06 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 3 seconds {TCP} 145.94.196.123:2739
Mar 31 15:37:02 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:2811
Mar 31 15:41:03 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:1341
Mar 31 15:41:52 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:1422
Mar 31 15:46:58 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:1558
Mar 31 15:50:19 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:1731
Mar 31 15:59:07 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 0 seconds {TCP} 145.94.196.123:1270
Mar 31 16:52:45 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:2477
Mar 31 17:20:14 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:3053
Mar 31 17:35:43 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:3525
Mar 31 18:01:36 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:3929
Mar 31 20:04:47 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:1316
Apr 1 15:36:26 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:3962
Apr 1 15:46:51 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 0 seconds {TCP} 145.94.196.123:4290
Apr 1 15:57:52 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 2 seconds {TCP} 145.94.196.123:4553
Apr 1 16:06:29 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:4849
Apr 1 18:24:09 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:4285
Apr 1 19:49:56 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 0 seconds {TCP} 145.94.196.123:3161
Apr 1 19:55:30 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 0 seconds {TCP} 145.94.196.123:3666
Apr 1 20:10:43 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:4489
Apr 1 20:55:48 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 2 seconds {TCP} 145.94.196.123:1907
Apr 1 21:29:04 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 0 seconds {TCP} 145.94.196.123:2938
Apr 1 21:33:57 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:3106
Apr 1 21:42:34 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:3610
Apr 1 21:43:36 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 7 seconds {TCP} 145.94.196.123:3826
Apr 1 22:05:24 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:4692
Apr 1 22:26:01 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 0 seconds {TCP} 145.94.196.123:1429
Apr 1 22:26:56 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:1571
Apr 1 23:01:34 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 0 seconds {TCP} 145.94.196.123:2179
Apr 2 10:04:49 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:3450
Apr 2 10:48:04 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:1216
Apr 2 11:02:08 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:1809
Apr 2 11:20:17 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 0 seconds {TCP} 145.94.196.123:2376
Apr 3 11:17:05 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:3629
Apr 3 11:24:04 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 0 seconds {TCP} 145.94.196.123:4010
Apr 3 11:24:45 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:4134
Apr 3 18:32:27 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:4727
Apr 3 18:35:14 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 0 seconds {TCP} 145.94.196.123:4939
Apr 3 18:50:47 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:1779
Apr 3 19:50:29 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:4136
Apr 3 21:12:11 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:3159
Apr 4 11:16:19 gateway snort: [117:1:1] (spp_portscan2) Portscan detected from 213.239.154.60: 1 targets 21 ports in 1 seconds {TCP} 145.94.196.123:1663

Vervolgens komt dit IP van:
Name: athena.fok.nl
IP Address: 213.239.154.60
Location: AMSTERDAM (52.370N, 4.900E)
Network: NL-TWEAKERS

Registrant:
Codanted
Lutter 25
3068 HC ROTTERDAM
Netherlands


Dus: aan jullie de vraag: Doen jullie dit altijd bij jullie gebruikers??? Of moet ik andere stappen nemen om dit te voorkomen.

maandag 7 april 2003 21:31

Acties:
  • Alex
  • Registratie: Juli 2001
  • Laatst online: 28-02 19:26

Alex

Welke Firewall heb je? Ik heb gewerkt bij een ISP en daar kregen we dagelijk in onze abuse-boxvan dit soort mailtjes. Uiteindelijk blijkt dat het meestal de firewall is die over de stress gaat van 2 packetjes... :?

Deze post is bestemd voor hen die een tegenwoordige tijd kunnen onderscheiden van een toekomstige halfvoorwaardelijke bepaalde subinverte plagiale aanvoegend intentioneel verleden tijd.
- Giphart

maandag 7 april 2003 21:33

Acties:
  • Robin
  • Registratie: Juni 2001
  • Niet online

Robin

Mag ik je één tip geven: reageer niet zo overtrokken want dat is niet goed voor je bloeddruk :{.

maandag 7 april 2003 21:48

Acties:
  • Hans
  • Registratie: Juni 1999
  • Niet online

Hans

Dit soort meldingen komen idd regelmatig binnen op abuseboxen en zijn in de regel vaker het resultaat van slecht geconfigureerde IDS systemen of cluelessness ("JULLIE PORTSCANNEN ME!!" - met sourceport 80 :z) dan dat het werkelijk een portscan betreft.

Verder is dit afkomstig van een host van fok en niet van tweakers.

maandag 7 april 2003 22:03

Acties:
  • Kees
  • Registratie: Juni 1999
  • Laatst online: 11-03 13:50

Kees

Serveradmin / BOFH / DoC
zie reactie van Hans, ik krijg ze ook regelmatig binnen op mijn mail.. en nee, er wordt echt niet gescanned door ons, dat is doodgewoon je browser die veel requests tegelijkertijd doet, daar 21 poorten voor opent en je firewall die dat als scan ziet.

"Een serveradmin, voluit een serveradministrator, is dan weer een slavenbeheerder oftewel een slavendrijver" - Rataplan

Dit topic is gesloten.

Apple iPhone 17 LG OLED evo G5 Google Pixel 10 Samsung Galaxy S25 Star Wars: Outlaws Nintendo Switch 2 Apple AirPods Pro (2e generatie) Sony PlayStation 5 Pro

Tweakers is onderdeel van DPG Media B.V.
Alle rechten voorbehouden - Auteursrecht © 1998 - 2026 Hosting door TrueFullstaq