Hits from t-dialin.net

Discussion in 'Computer Security' started by Pierre, Sep 29, 2004.

  1. Pierre

    Pierre Guest

    I'm on broadband (ADSL) and notice from my firewall log that that I get
    quite a lot of hits from this site:

    In TCP: pD9542926.dip.t-dialin.net [217.84.41.38:64935]

    Anyone any clues? I did a look-up but couldn't see much of relevance.
    TIA
     
    Pierre, Sep 29, 2004
    #1
    1. Advertising

  2. Pierre

    Moe Trin Guest

    In article <>, Pierre wrote:
    >I'm on broadband (ADSL) and notice from my firewall log that that I get
    >quite a lot of hits from this site:


    Not enough information. Is it hitting the same port number on your box,
    or is it scanning? What ports?

    >In TCP: pD9542926.dip.t-dialin.net [217.84.41.38:64935]


    The source port (64935) is in a range often used by port forwarding
    applications. Other than that - nothing of interest.

    >Anyone any clues? I did a look-up but couldn't see much of relevance.


    It's obviously a dynamic port - the host name contains the IP address
    in hex. Do you have any reason to be offering network services to
    the outside world? If not, block the crap, and ignore it.

    Old guy
     
    Moe Trin, Sep 29, 2004
    #2
    1. Advertising

  3. Pierre

    donnie Guest

    On Wed, 29 Sep 2004 11:50:17 +0100, Pierre wrote:

    >I'm on broadband (ADSL) and notice from my firewall log that that I get
    >quite a lot of hits from this site:
    >
    >In TCP: pD9542926.dip.t-dialin.net [217.84.41.38:64935]
    >
    >Anyone any clues? I did a look-up but couldn't see much of relevance.
    >TIA

    ################
    It's probably some dialup user looking for a trojan that runs on that
    port. Run netstat -an to check your connections
     
    donnie, Sep 30, 2004
    #3
  4. Pierre

    Pierre Guest

    donnie wrote:
    >
    > On Wed, 29 Sep 2004 11:50:17 +0100, Pierre wrote:
    >
    > >I'm on broadband (ADSL) and notice from my firewall log that that I get
    > >quite a lot of hits from this site:
    > >
    > >In TCP: pD9542926.dip.t-dialin.net [217.84.41.38:64935]
    > >
    > >Anyone any clues? I did a look-up but couldn't see much of relevance.
    > >TIA

    > ################
    > It's probably some dialup user looking for a trojan that runs on that
    > port. Run netstat -an to check your connections


    netstat -an checks out ok. No apparent problem there.

    Guess I'll just continue to block it, but it'd be nice to know what's
    causing it.

    Pierre
     
    Pierre, Sep 30, 2004
    #4
  5. Pierre

    donnie Guest

    On Thu, 30 Sep 2004 11:04:51 +0100, Pierre wrote:

    >
    >
    >donnie wrote:
    >>
    >> On Wed, 29 Sep 2004 11:50:17 +0100, Pierre wrote:
    >>
    >> >I'm on broadband (ADSL) and notice from my firewall log that that I get
    >> >quite a lot of hits from this site:
    >> >
    >> >In TCP: pD9542926.dip.t-dialin.net [217.84.41.38:64935]
    >> >
    >> >Anyone any clues? I did a look-up but couldn't see much of relevance.
    >> >TIA

    >> ################
    >> It's probably some dialup user looking for a trojan that runs on that
    >> port. Run netstat -an to check your connections

    >
    >netstat -an checks out ok. No apparent problem there.
    >
    >Guess I'll just continue to block it, but it'd be nice to know what's
    >causing it.
    >
    >Pierre

    #######################
    If netstat is ok then, chances are you're ok. As I said, it's
    probably a dialup user scanning IPs for a particular trojan that uses
    that port. It happens every day. As long as that port is closed on
    your box, he/she can scan all day and it doesn't matter.
     
    donnie, Oct 1, 2004
    #5
  6. Pierre

    Pierre Guest

    donnie wrote:
    >
    > On Thu, 30 Sep 2004 11:04:51 +0100, Pierre wrote:
    >
    > >
    > >
    > >donnie wrote:
    > >>
    > >> On Wed, 29 Sep 2004 11:50:17 +0100, Pierre wrote:
    > >>
    > >> >I'm on broadband (ADSL) and notice from my firewall log that that I get
    > >> >quite a lot of hits from this site:
    > >> >
    > >> >In TCP: pD9542926.dip.t-dialin.net [217.84.41.38:64935]
    > >> >
    > >> >Anyone any clues? I did a look-up but couldn't see much of relevance.
    > >> >TIA
    > >> ################
    > >> It's probably some dialup user looking for a trojan that runs on that
    > >> port. Run netstat -an to check your connections

    > >
    > >netstat -an checks out ok. No apparent problem there.
    > >
    > >Guess I'll just continue to block it, but it'd be nice to know what's
    > >causing it.
    > >
    > >Pierre

    > #######################
    > If netstat is ok then, chances are you're ok. As I said, it's
    > probably a dialup user scanning IPs for a particular trojan that uses
    > that port. It happens every day. As long as that port is closed on
    > your box, he/she can scan all day and it doesn't matter.


    Thanks!
     
    Pierre, Oct 1, 2004
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. robert mcfadzien

    CISCO 2511 - Dialin access / DTR

    robert mcfadzien, Jul 15, 2003, in forum: Cisco
    Replies:
    1
    Views:
    3,314
    Aaron Leonard
    Jul 17, 2003
  2. Eirik Alim

    Dialin to C800 via mobile phone

    Eirik Alim, Feb 14, 2004, in forum: Cisco
    Replies:
    0
    Views:
    444
    Eirik Alim
    Feb 14, 2004
  3. Au79

    Windows flaw attack code hits the net

    Au79, Jun 28, 2006, in forum: Computer Support
    Replies:
    3
    Views:
    406
    Rectum Burn
    Jun 28, 2006
  4. Au79

    Windows flaw attack code hits the net

    Au79, Jun 29, 2006, in forum: Computer Support
    Replies:
    0
    Views:
    343
  5. Milhouse Van Houten

    Page caching still frequently hits the 'Net

    Milhouse Van Houten, Aug 1, 2007, in forum: Firefox
    Replies:
    4
    Views:
    402
    Milhouse Van Houten
    Aug 4, 2007
Loading...

Share This Page