[lug] new port 445 MS vulnerability??
D. Stimits
stimits at attbi.com
Thu Oct 10 16:41:25 MDT 2002
All of a sudden, I am getting pounded (well, not too badly, but
consistently) with IP addresses from all over the place looking to
connect to port 445 tcp. They are harmless, nothing here is listening to
445, but I have to wonder if there is a new MS vulnerability here, or if
it is just a DDoS thing? Port 445 seems to be listed as microsoft domain
service. Anyone else seeing this? I am pasting a list of addresses
below, all of which were trying to get into port 445 at almost the same
time.
D. Stimits, stimits AT attbi.com
October 10, 2002
12.98.54.204
146.151.79.52
195.47.118.56
212.41.199.189
212.47.15.6
213.106.152.65
213.106.172.25
24.86.112.137
62.163.11.153
62.30.43.100
68.32.49.155
68.36.109.55
68.42.144.163
68.42.23.92
68.43.38.204
68.44.164.190
68.44.194.63
68.44.70.135
68.45.106.115
68.45.117.135
68.45.255.223
68.46.136.191
68.46.14.101
68.46.32.18
68.46.36.14
68.47.208.117
68.47.44.188
80.0.150.84
80.4.11.170
80.4.61.215
81.96.126.106
81.98.183.82
More information about the LUG
mailing list