I have seen their scans on my system.
This was a full blown port scan for all
known trojans.
I am guessing you have some service running on one
of the ports and they figured you had a problem.
Too bad SBB failed to inform everyone of their
little scans.
On the other hand I am kind of glad to see
my OpenBSD firewall detect the stuff.
The Wolf
-> -----Original Message-----
-> From: Doug Winterburn [
mailto:doug@winterburn.net]
-> Sent: Thursday, October 26, 2000 9:49 PM
-> To:
plug-discuss@lists.PLUG.phoenix.az.us
-> Subject: RE: Sprint Broad Band
->
->
-> I just received a letter from SBB telling me "We have
-> recently learned
-> that your PC is infected with one or more viruses or Trojan Horses."
->
-> Well, since they suggested I consider a firewall, and since
-> they claim
-> to have a firewall, and since I do have a linux firewall - I
-> was rather
-> panicked! I ran around the house checking the virtual PC's
-> (vmware) and
-> any other PC's that might have had consentual contact with
-> those on my
-> network. There was nothing as described or as they intimated or that
-> showed up in all my logs/virus scanners.
->
-> So, to find out what I had missed (since they explained
-> their innocent
-> port scans which I have been seeing for a long time had found this
-> illness), I called. I asked what in particular they had found (as I
-> really wanted to know how to plug the hole) and the
-> techno-wizard that
-> answered (after 10 minutes or so) said that "it should have
-> been worded
-> differently - you don't have a virus, but it could happen". So,
-> basically, they send out spam snail mail letters to cover
-> their A** in
-> case their network might be compromised and the lawyers show up. No
-> matter that I try my best to "keep clean" - just send out
-> the bulk email
-> telling me I'm infected!
->
-> I'm still searching (for an alternative)...
->
-> -Doug
->
->
-> Date: Thu, 26 Oct 2000 16:23:10 -0700
-> To:
plug-discuss@lists.PLUG.phoenix.az.us
-> From: Jim Gunkel <
jimg@nevrona.com>
-> Subject: RE: Sprint Broad Band
-> orp.com>
-> Reply-To:
plug-discuss@lists.PLUG.phoenix.az.us
->
-> At 16:11 10/26/2000 -0400, you wrote:
-> >You lucky I NEVER get 0% packet loss.
-> >my stats are somewere
-> >12 - 35 % packet loss
-> >although I have seen worse results.
->
-> I figured I had beaten up on them enough on the message so I
-> didn't want
-> to
-> mention that about 5% of the time that we click on a link in the
-> browser,
-> it comes back with an error message (i.e. lost packet) and we have to
-> reload to get the page again. About every 5 or 6 pings I
-> get a "request
-> timed out" error, but since Windows' brain-dead ping program
-> counts that
-> as
-> a 0ms time, it makes the Average number look better than it is so I
-> included one with all hits. This lost packet rate is
-> usually much worse
-> in
-> the late afternoons.
->
-> Jim Gunkel
-> Nevrona Designs
->
-> ________________________________________________
-> See
http://PLUG.phoenix.az.us/navigator-mail.shtml if your
-> mail doesn't post to the list quickly and you use Netscape
-> to write mail.
->
-> Plug-discuss mailing list -
Plug-discuss@lists.PLUG.phoenix.az.us
->
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
->