Incidents
Re: Re: Thousands of attempts to port 35825 and 11090 Dec 06 2006 02:21AM
artsspamhere shaw ca
Thanks for the replies. Perhaps I failed to mention that this is a "personal" fw/router (a Netgear FR314P) so the full packet dumps etc. that you folks are looking for aren't there. About the only question I can answer is that it was 99% UDP. The source ports seemed to be all over the place (I didn't notice a pattern). The frequency seemed "steady" but it wasn't coming from one particular address "alot".

Long story short, I managed to get another IP assigned to the WAN port of the router (DHCP gave me the same one all weekend no matter what I tried). All seems quiet.

I just find it odd that there isn't a mention of these ports "anywhere", but yet looking at Dshield seems to indicate a bit of activity.

Anyways ... note to the Chinese folks, there are no national secrets nor financial institutions in my basement!

Cheers,
Art

------------------------------------------------------------------------
------
This List Sponsored by: Black Hat

Attend the Black Hat Briefings & Training USA, July 29-August 3 in Las Vegas.
World renowned security experts reveal tomorrow's threats today. Free of
vendor pitches, the Briefings are designed to be pragmatic regardless of your
security environment. Featuring 36 hands-on training courses and 10 conference
tracks, networking opportunities with over 2,500 delegates from 40+ nations.

http://www.blackhat.com
------------------------------------------------------------------------
------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus