Peter M schrieb: > Latetly, During the week, once/twice a day, I've been receiving 2 attempts at TCP > Port 111. Does anyone know anything about this? Possible Trojan Scan? What does TCP > port 111 have in common with any software? Any suggestions Comments are welcome. TCP/111 is (Sun) RPC portmapper and/or NFS. Its currentmost famous exploit: the Ramen worm. There are a number of security problems/hacks associated with these services so make sure you either disabled it or made it secure and applied the latest patches. > 2001/03/18 2:22:19 AM GMT -0500: Linksys LNEPCI II..[0000][No matching rule] Blocking > incoming TCP: src=211.54.236.83, dst=my.ip.add.res, sport=1990, dport=111. See http://www.apnic.net/apnic-bin/whois2.pl?results=all&search=211.54.236.83 for information on that IP address. Bye Volker -- Volker Tanger <[EMAIL PROTECTED]> Wrangelstr. 100, 10997 Berlin, Germany DiSCON GmbH - Internet Solutions http://www.discon.de/ - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
