[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Sat, Nov 1, 2008 at 12:39 PM, Simon WD Robert <simon.robert@xxxxxxxxxxxxx> wrote: > Hi > > I have had a number of warnings from my router. All the messages have > the same format, a bunch TCP packets, all from the same IP (different IP > for each warning message) followed by a UDP packet from a nother IP. Any > ideas what's being attempted? > > I'm not particularly worried, I've run a port scan and everything is > stealthed and unresponsive, but I'd like to know. > > Simon > -- > info@xxxxxxxxxxxxxxxxxxxxxx > www.oldhouse-cottage.co.uk > > The first thought that comes to mind is that may be an attempt to exploit the fairly recent DNS vulnerabilities. You could suss that by the ports the packet are aimed at. Like Steph says, it is fairly common. I'm curious if this came in over wireless or the ISP network? Regards, KevinT -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html