[CLUE-Tech] for those of you on AT&T@home
Tim Russell
tim.russell at ilg.com
Thu May 10 15:32:13 MDT 2001
@Home has been scanning for open NNTP ports for some time now, ever
since they got a Usenet Death Penalty because of all the Wingate
machines that existed on @Home connections with open NNTP ports for
bouncing Usenet spam through.
I would very much suggest that anyone running a Linux box on their @Home
connection firewall out all 24.x.x.x addresses, because what are the
chances that you'll connect to it from another @Home machine? That way
@Home won't know if you're running services and won't bitch.
Tim
> -----Original Message-----
> From: Brandon N [mailto:bneill at yahoo.com]
> Sent: Thursday, May 10, 2001 14:55
> To: clue-tech at clue.denver.co.us
> Subject: [CLUE-Tech] for those of you on AT&T at home
>
>
> I noticed this in my packet log recently? (edited for brevity)
>
> Packet log: dsl-in - eth0 PROTO=6 24.0.0.203:43887 24.251.3.12:119
>
> port 119 is nntp (network news tranport protocal aka Usenet)
>
> Name: authorized-scan1.security.home.net
> Address: 24.0.0.203
>
>
> it seems they are doing a minimal amount of scanning.
>
> I'm going to start logging all packets from the @home network
> to see if
> I pick up any more interesting scans.
>
> brandon
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Auctions - buy the things you want at great prices
> http://auctions.yahoo.com/
> _______________________________________________
> CLUE-Tech mailing list
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech
>
More information about the clue-tech
mailing list