Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Post scans
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- Re: Post scans
Post scans
19-05-2014 10:07 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I don't mind the random port scan, but I start to become a tad suspicious of port scans over a period of 3 days from the same plusnet IP.
Does anyone have any info on this server "community03.servers.plus.net" ?
Quote <84> May 16 16:12:06 IDS scan parser : tcp port scan: 84.93.230.186 scanned at least 10 ports at 146.200.196.131. (1 of 1) : 84.93.230.186 146.200.196.131 0040 TCP 80->14710 [.FA...] seq 299907060 ack 4209427391 win 111
<84> May 16 22:34:58 IDS scan parser : tcp port scan: 84.93.230.186 scanned at least 10 ports at 146.200.196.xxx. (1 of 1) : 84.93.230.186 146.200.196.xxx 0040 TCP 80->13780 [.FA...] seq 2707981615 ack 3940141635 win 111
<84> May 17 19:41:44 IDS scan parser : tcp port scan: 84.93.230.186 scanned at least 10 ports at 146.200.196.xxx. (1 of 1) : 84.93.230.186 146.200.196.xxx 0040 TCP 80->14375 [.FA...] seq 2328577751 ack 1519961124 win 207
<84> May 18 09:37:03 IDS scan parser : tcp port scan: 84.93.230.186 scanned at least 10 ports at 146.200.196.xxx. (1 of 1) : 84.93.230.186 146.200.196.xxx 0040 TCP 80->15534 [.FA...] seq 3595708792 ack 847252859 win 112
<84> May 18 22:14:57 IDS scan parser : tcp port scan: 84.93.230.186 scanned at least 10 ports at 146.200.196.xxx. (1 of 1) : 84.93.230.186 146.200.196.xxx 0040 TCP 80->16153 [.FA...] seq 253658502 ack 4101414955 win 112
Does anyone have any info on this server "community03.servers.plus.net" ?
Message 1 of 4
(659 Views)
3 REPLIES 3
Re: Post scans
19-05-2014 10:09 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
It's one of the servers that we use for the Community Site - I can't see it being anything to worry about.
Message 2 of 4
(388 Views)
Re: Post scans
19-05-2014 10:41 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thanks Chris,
I'm not worried, just puzzled.
Why has a plusnet "community server" taken such an interest in my ports.
I'm not worried, just puzzled.
Why has a plusnet "community server" taken such an interest in my ports.
Message 3 of 4
(388 Views)
Re: Post scans
19-05-2014 1:11 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
This has been reported previously
https://community.plus.net/forum/index.php/topic,117757.0.html
https://community.plus.net/forum/index.php/topic,126255.msg1097866.html#msg1097866
I don't know why you've only recently started noticing it. The suprious packets arrive during or shortly after you browse these forums. The source port would be 44340 if you use https, otherwise the source port is 80.
https://community.plus.net/forum/index.php/topic,117757.0.html
https://community.plus.net/forum/index.php/topic,126255.msg1097866.html#msg1097866
I don't know why you've only recently started noticing it. The suprious packets arrive during or shortly after you browse these forums. The source port would be 44340 if you use https, otherwise the source port is 80.
Message 4 of 4
(388 Views)
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page