- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Suresh Ramasubramanian (no email)
Date: Thu May 31 2007 - 23:58:26 EDT
On 5/31/07, <> wrote:
>
>
> One of my virtual web host servers have been getting multiple probes to
> TCP port 1080 (socks) every day for months from AOL IP addresses.
>
> Is AOL known to be doing something relatively innocuous on that port? I
> ask because I have portsentry null routing IP addresses that make probes
> like this.
>
If they're [SOME HEX].ipt.aol.com rDNS'd IPs - those are AOL dialups,
so probably compromised / virus infected nodes
|
|
|