I have seen some of this activity in my customer's firewalls and I think it
is just some more script kiddies that dont have the knowledge to use nmap
or some unix tool, the then try the Windows 'tools'. I see a few a day and
report them to the originating ISP.
Gary Baribault
At 12:16 PM 1/12/2000 +1100, Andrew Moss wrote:
>HI All,
> I'm having trouble understanding some activity on one of our
>firewalls
>
> Starting today at 15:31 and going through till 15:39 every couple of
>seconds a host tried to send packets to UDP port 137 from port 137.
>
> anyone ever seen this before.
>
> The box they are trying to connect to is a WinNT 4.0 sp6a running
>Microsoft Proxy Server 2.0 wins is disabled on all external interfaces
>
>Cheers
>
>Andrew Moss
>Integrity Treasury Solutions
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
PGP signature
