In comp.os.linux.advocacy, Roy Schestowitz
<newsgroups@xxxxxxxxxxxxxxx>
wrote
on Mon, 06 Mar 2006 17:57:36 +0000
<duht9o$1obl$1@xxxxxxxxxxxxxxxxx>:
> __/ [ The Ghost In The Machine ] on Monday 06 March 2006 15:00 \__
>
>> count | toport | protocol
>> -------+--------+----------
>> 7500 | 6348 | TCP Gnutella non-attack
>> 4757 | 6348 | UDP Gnutella non-attack
>> 4685 | 445 | TCP Microsoft DS service
>> 2306 | 1026 | UDP Win NT MSTask service
>> 2104 | 139 | TCP NetBIOS Session Service
>> 1292 | 1027 | UDP ICQ
>> 1195 | 13879 | UDP unknown
>> 1193 | 135 | TCP epmap
>> 676 | 4662 | TCP eMule / P2P
>> 341 | 1025 | UDP win-rpc
>>
>> It turns out the Internet Storm Center does this far better than I can,
>
>
> Statistical samples are larger so they converge to the true proportions.
Yes, well, I have a sample point of 1 box. :-)
>
>
>> http://isc.incidents.org/
>
>
> ...Only useful if you ever bother to check the
> neighbour's grabage. *smile*
The neighbor, in this case, being a completely different ISP. It's an
issue, yes.
>
>
>> but it's clear that there is some good news out there if the Gnutella
>> counts are higher than the true attack counts here. (Since I don't
>> participate in Gnutella, I'm a little puzzled, but presumably these are
>> just "sniffprobes".)
>
>
> Posting the above will only encourage more sniffing. *sniff*
>
>
>> The bad news: 4 or 5 of them are still from That Other Vendor.
>
>
> Pepsi?
No, it starts with an "M". (And no, it's not Mello Yello
or Minute Maid (Coca-Cola), Mountain Dew, MDX, Mug Root
Bear, or Miranda Orange (Pepsi).)
>
>
>> Be safe out there. :-)
>
>
> Judging by the above, 'media injection' is the primary risk.
>
Oh no, not that. Anything but that. :-) Would they use a syringe,
particle accelerator, or TV screen?
--
#191, ewill3@xxxxxxxxxxxxx
It's still legal to go .sigless.
|
|
