>From the looks of that log, I'd say someone was trying to find a hole into which they
could crack your box and gain root access..
I've seen scans like that before. :(
Best thing to do besides the CERT is to notify the ISP that owns that range
and see what they can do about it.
In the meantime, good luck with it.
Technomage Hawke
On Wed, 02 May 2001, "J.Francois" wrote:
>
>
> Thanks for all of the feedback.
> All of it was good and all of it was constructive.
>
> I have made changes to the
> page to only display truly "bad" activity as opposed
> to the raw logs.
>
> I have alread filled out a CERT form and will start submitting these
> on a regular basis.
>
> You all Rock!!
>
> If you want to see the changes:
> http://www.magusnet.com/ids.html
>
> Jean Francois - JLF Sends...
> President & CEO - MagusNet, Inc., MagusNet.com, MagusNet.Gilbert.AZ.US
> MagusNet, Inc. - Design * Develop * Integrate
> They say, "Madness takes its toll." Please have exact change...
>
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
>
> PLUG-discuss mailing list - PLUG-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Signup for your free USWEST.mail Email account
http://www.uswestmail.net