1 |
This IP 212.56.68.108 has been attempting to contact Port 161 UDP for |
2 |
Months. |
3 |
|
4 |
No when I try and run a NMAP scan against the box, I get my own logs filled |
5 |
with the NMAP Scan. It is like 212.56.68.108 is mirroring to my IP Space. |
6 |
And I dont Understand why! |
7 |
|
8 |
The connecting IP is in my ISP range, however it has no rDNS which the ISP |
9 |
would do according to their technical support. It maps back to |
10 |
hugeglobal.net |
11 |
|
12 |
I'm not entirely sure it is a customer's machine, even though it is within |
13 |
the ISP IP range. It's rDNS shows it is |
14 |
|
15 |
hugeglobal.net. |
16 |
|
17 |
The odd thing to me, is if one does a lookup on hugeglobal.net one gets |
18 |
|
19 |
82.103.128.2 and the rDNS of that is |
20 |
|
21 |
e82-103-128-2s.easyspeedy.com |
22 |
|
23 |
Not one of the local ISP I am using. |
24 |
|
25 |
Telnetting to the IP gives this: |
26 |
|
27 |
Telnet 212.56.68.108 connects giving... |
28 |
|
29 |
_ _ _ |
30 |
___ | |_ _ __ _ __ ___ __ _ _ ()_ __ ___ __| | |
31 |
/ _ \| __| '_ \ | '__/ _ \/ _` | | | | | '__/ _ \/ _` | |
32 |
| (_) | |_| |_) | | | | __/ (_| | |_| | | | | __/ (_| | |
33 |
\___/ \__| .__/ |_| \___|\__, |\__,_|_|_| \___|\__,_| |
34 |
|_| |_| |
35 |
If you do not have a CMN registered OTP device you |
36 |
will not be able to login. |
37 |
|
38 |
OTP USERS: THIS CONNECTION IS NOT ENCRYPTED, BE SMART |
39 |
|
40 |
larabee login: |
41 |
|
42 |
|
43 |
Any one got any ideas? |
44 |
|
45 |
|
46 |
-- |
47 |
Mike |
48 |
|
49 |
To see the world in a grain of sand, |
50 |
and to see heaven in a wild flower, |
51 |
hold infinity in the palm of your hands, |
52 |
and eternity in an hour. |
53 |
|
54 |
GnuGPG KeyID:=FC0D8D9A |