[CLUE-Tech] Weird network behaviour

Brandon N bneill at yahoo.com
Thu Jul 1 11:48:03 MDT 2004


The "zip" refers to the port number, which, from /etc/services:

zip             6/ddp                # Zone Information Protocol


Brandon


--- Russell Glissmann <rglissmann at rfgsolutions.com> wrote:
> While troubleshooting other network issues, I ran a tcpdump on a network
> file server.  I have repeatedly seen the following:
> 255.89.194.zip > 0.0.zip: at-#6 25
> 255.89.194.zip > 0.0.zip: at-#6 25
> 255.89.194.zip > 0.0.zip: at-#6 25
> 255.89.194.zip > 0.0.zip: at-#6 25
> 255.89.194.zip > 0.0.zip: at-#6 25
> 255.89.194.zip > 0.0.zip: at-#6 25
> 255.89.194.zip > 0.0.zip: at-#6 25
> 255.89.194.zip > 0.0.zip: at-#6 25
> 255.89.194.zip > 0.0.zip: at-#6 25
> 255.89.194.zip > 0.0.zip: at-#6 25
> There is obviously other network traffic as well, but this is the
> traffic that concerns me.  Considering the number of viruses that travel
> in zip files, is this what I am looking at?  I ran a 'find' on the
> server looking for zip files, but none were recent, and none with the
> same name as above.
> Ideas / suggestions are appreciated.
> 
> Thanks!
> Russ
> 


=====
People having no choice is a metaphor for the ease with which they can be directed.
-- Sun Tzu, The Art of War
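The lookup described in the reply, as an added example that is not part of the original messages: this Python sketch splits each tcpdump endpoint into address and port and resolves a port name against the `ddp` entries of a services file. The services excerpt (apart from the `zip` line quoted in the thread), the second capture line and all function names are constructed for illustration.

```python
import re

# Constructed excerpt in /etc/services format; the zip line is the one quoted in the thread.
SERVICES = """\
rtmp            1/ddp                # Routing Table Maintenance Protocol
nbp             2/ddp                # Name Binding Protocol
echo            4/ddp                # AppleTalk Echo Protocol
zip             6/ddp                # Zone Information Protocol
http            80/tcp               # not a ddp entry, ignored below
"""

# Constructed capture: line 1 is from the thread, line 2 uses a made-up numeric port.
CAPTURE = """\
255.89.194.zip > 0.0.zip: at-#6 25
255.89.194.253 > 0.0.zip: at-#6 25
"""

def load_ddp_services(text):
    """Return {name: (port_number, description)} for the ddp entries only."""
    table = {}
    for line in text.splitlines():
        body, _, comment = line.partition("#")
        fields = body.split()
        if len(fields) < 2 or "/" not in fields[1]:
            continue
        number, proto = fields[1].split("/", 1)
        if proto == "ddp" and number.isdigit():
            for name in [fields[0]] + fields[2:]:  # service name plus any aliases
                table[name] = (int(number), comment.strip())
    return table

LINE = re.compile(r"^(?P<src>\S+) > (?P<dst>\S+): (?P<rest>.*)$")

def split_endpoint(endpoint, services):
    """Split 'address.port'; the last dot-separated field is the port name or number."""
    addr, _, port = endpoint.rpartition(".")
    if port.isdigit():
        return addr, int(port), None
    number, desc = services.get(port, (None, None))  # unknown names stay unresolved
    return addr, number, desc

def explain(line, services):
    """Return {'src': (addr, port, desc), 'dst': (...)} or None if the line does not match."""
    m = LINE.match(line.strip())
    if not m:
        return None
    return {side: split_endpoint(m.group(side), services) for side in ("src", "dst")}

if __name__ == "__main__":
    ddp = load_ddp_services(SERVICES)
    for raw in CAPTURE.splitlines():
        print(raw, "->", explain(raw, ddp))
```

On a live host, pass the contents of `/etc/services` to `load_ddp_services` instead of the embedded excerpt.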




