[CLUE-Tech] What would you all make of this?
cody at neosolv.net
cody at neosolv.net
Tue Dec 18 16:35:14 MST 2001
Should you have them, the actual log files would probably be more helpful
in this analysis. There are still tons of hosts out there
infected/scanning due to code red and nimda, and those add unexpected
web traffic and log entries. Maybe that's the culprit?
cody
On Mon, 17 Dec 2001, Kevin Cullis wrote:
> Hi all,
>
> Here's the stats from my web site, which currently only has a holder
> page on it, but here's the data from the web stats program:
>
> Time Date Month Bytes Hits Bytes Domain
> 10:35:35 2 Dec 2001 2 21253 konserv.kalatehas.net
> 10:49:01 2 Dec 2001 2 21253 cpe002078cfbbf0.cpe.net.cable.rogers.com
> 10:50:39 2 Dec 2001 2 21253 pd90142a9.dip.t-dialin.net
> 10:51:38 2 Dec 2001 2 21253 atga34eay32ej.bc.hsia.telus.net
> 11:02:50 2 Dec 2001 2 21253 modemcable023.30-203-24.mtl.mc.videotron.ca
> 11:04:48 2 Dec 2001 2 21253 adsl-156-210-121.bct.bellsouth.net
> 11:07:32 2 Dec 2001 2 21253 pec-51-234.tnt8.me2.uunet.de
> 11:07:48 2 Dec 2001 2 21301 really.badf00d.org
> 11:11:01 2 Dec 2001 2 21253 h24-64-240-187.cg.shawcable.net
> 11:12:04 2 Dec 2001 2 21301 cache2.iskon.hr
> 11:13:32 2 Dec 2001 2 21253 ct819918-c.blmngtn1.in.home.com
> 11:28:31 2 Dec 2001 2 21253 cpe002078c9a54b.cpe.net.cable.rogers.com
> 11:30:45 2 Dec 2001 2 21253 adsl-64-164-10-178.dsl.snfc21.pacbell.net
> 11:31:33 2 Dec 2001 2 21253 ip134-053-218-180.s218.muohio.edu
> 11:37:51 2 Dec 2001 2 21253 styro.lib.muohio.edu
> 11:39:26 2 Dec 2001 2 21253 ras17-p76.rvt.netvision.net.il
> 11:41:57 2 Dec 2001 2 21253 h24-77-109-105.vc.shawcable.net
> 11:42:17 2 Dec 2001 2 21253 ci1895-a.lxintn1.ky.home.com
> 11:45:42 2 Dec 2001 2 21253 cj374301-b.indpdnce1.mo.home.com
> 12:00:16 2 Dec 2001 2 21253
> dialup-67.25.113.102.dial1.sanjose1.level3.net
> 12:11:22 2 Dec 2001 5 22643 209-239-217-82.lax.jps.net
> 12:12:56 2 Dec 2001 2 21277 inktomi1-bre.server.ntl.com
> 12:13:08 2 Dec 2001 3 21753 s7-236.r1.attbi.com
> 12:17:49 2 Dec 2001 2 21253 sdn-ar-013mokcitp258.dialsprint.net
> 12:18:50 2 Dec 2001 2 21301 cc820577-e.hwrd1.md.home.com
> 12:19:57 2 Dec 2001 2 21301 dsl-213-023-050-174.arcor-ip.net
> 12:21:15 2 Dec 2001 2 21253 24-216-166-10.hsacorp.net
> 12:22:14 2 Dec 2001 2 21253 tomas.guldheden.chalmers.se
> 12:24:23 2 Dec 2001 2 21253 cable-195-162-215-167.upc.chello.be
> 12:27:17 2 Dec 2001 1 13659 black-sheep.leeds.wwwcache.ja.net
> 12:27:25 2 Dec 2001 1 7642 olive.ulcc.wwwcache.ja.net
> 12:31:43 2 Dec 2001 3 21753 ep111.ips.paulbunyan.net
> 12:33:02 2 Dec 2001 3 21753 adsl-66-72-105-69.dsl.chcgil.ameritech.net
> 12:41:57 2 Dec 2001 2 21253 ppp-216-63-116-63.dialup.bumttx.swbell.net
> 12:47:59 2 Dec 2001 2 21253 dynaisdn7-156.knoware.nl
> 12:51:49 2 Dec 2001 1 13635 ppp-65-90-118-149.mclass.broadwing.net
> 12:56:48 2 Dec 2001 2 21253 proxy1.meijer.com
> 12:56:56 2 Dec 2001 2 21253 rdu57-8-204.nc.rr.com
> 12:58:36 2 Dec 2001 2 21253 adsl-65-69-60-93.dsl.stlsmo.swbell.net
> 13:02:40 2 Dec 2001 2 21301 adsl-63-202-183-186.dsl.snfc21.pacbell.net
> 13:30:35 2 Dec 2001 6 23253 modemcable100.140-200-24.mtl.mc.videotron.ca
> 13:34:06 2 Dec 2001 3 21777 pr7-ts.telepac.pt
> 13:40:12 2 Dec 2001 2 21253 t8o84p88.telia.com
> 13:59:18 2 Dec 2001 2 21253
> dialup-63.214.71.118.dial1.boston1.level3.net
> 14:36:16 2 Dec 2001 3 21801 invdnsmm2.sit.ac.nz
> 14:53:25 2 Dec 2001 2 21253 ipc379a705.dial.wxs.nl
> 15:24:58 2 Dec 2001 2 21253 cx545657-a.vista1.sdca.home.com
> 15:26:17 2 Dec 2001 2 21253 emo.res.cmu.edu
> 15:36:49 2 Dec 2001 2 21253 sdcax57-168.dialup.optusnet.com.au
> 16:03:46 2 Dec 2001 2 21253 213-187-162-164.dd.nextgentel.com
> 16:33:46 2 Dec 2001 2 21253 metc-06-106.rh.ncsu.edu
> 16:35:26 2 Dec 2001 2 21253 dax.kom.tuwien.ac.at
> 16:38:04 2 Dec 2001 2 21253 port54-17-37.adsl.win.co.nz
> 16:40:56 2 Dec 2001 2 21253 cpe0050baab20fc.cpe.net.cable.rogers.com
> 16:49:20 2 Dec 2001 2 21301 145.2-254.110.199.200.telemar.net.br
> 16:53:46 2 Dec 2001 2 21253 luck.canad.ro
> 16:58:35 2 Dec 2001 2 21253 cn794260-a.newcas1.de.home.com
> 17:00:47 2 Dec 2001 2 21253 mkc-65-31-214-214.kc.rr.com
> 17:39:26 2 Dec 2001 2 21253 cal044102.student.utwente.nl
> 17:41:06 2 Dec 2001 5 29826 adsl-83-156-71.mco.bellsouth.net
> 17:41:10 2 Dec 2001 2 21253 niamey.ockers.net
> 18:18:01 2 Dec 2001 3 21801 222.009.dsl.syd.iprimus.net.au
> 18:21:28 2 Dec 2001 2 21253 a143222.upc-a.chello.nl
> 18:57:48 2 Dec 2001 2 21253 242842hfc49.tampabay.rr.com
> 19:12:34 2 Dec 2001 2 21253 ts1-132.f1231.quebectel.com
> 19:26:23 2 Dec 2001 2 21253 cc2111348-a.strhg1.mi.home.com
> 19:27:41 2 Dec 2001 3 21753 max113.ectisp.net
> 19:31:11 2 Dec 2001 2 21253 horus.acceleration.net
> 19:33:25 2 Dec 2001 2 21253 adsl-156-132-43.bgk.bellsouth.net
> 19:49:49 2 Dec 2001 2 21301 freyja.nlanr.net
> 19:55:34 2 Dec 2001 2 21253 rdu162-246-221.nc.rr.com
> 20:13:34 2 Dec 2001 3 21753 cache-har.cableinet.co.uk
> 20:19:38 2 Dec 2001 5 22753 dsl092-166-078.wdc1.dsl.speakeasy.net
> 20:53:39 2 Dec 2001 2 21301 modemcable078.127-201-24.mtl.mc.videotron.ca
> 21:05:12 2 Dec 2001 2 21253 dc1-cache4.syd.dav.net.au
> 21:16:25 2 Dec 2001 2 21301 tc10-12.tc.nd.edu
> 21:47:38 2 Dec 2001 2 21253 wc07.ym.rnc.net.cable.rogers.com
> 22:01:44 2 Dec 2001 2 21253 ip-63.121.203.141.indigital.net
> 23:31:03 2 Dec 2001 2 21277 proxy2.rivrw1.nsw.optushome.com.au
> 23:33:37 2 Dec 2001 2 21253 modemcable057.67-200-24.mtl.mc.videotron.ca
> 23:55:26 2 Dec 2001 2 21301 modemcable215.12-130-66.mtl.mc.videotron.ca
>
> ---------
>
> Have I been tried to be hacked, at least for the most part?
>
> Kevin
> _______________________________________________
> CLUE-Tech mailing list
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech
>
More information about the clue-tech
mailing list