Kenzo wrote:
[ ... ]
portsentry[236]: attackalert: Connect from host: 10.x.x.x/10.x.x.x to UDP
port: 161

That's the snmp port. the address that it's comming from is just a
workstation. Now why would a regular workstation probe me on the snmp port?
A human programmed it to do so, most likely.

What could it be?
If you tell us what OS and software the workstation is running, we could probably make more useful suggestions.

Is it a program on the computer trying to look for a device on the network
like a jetdirect?
That's very probable.

Or virus, trojan trying to spread?"
Much less likely, but still possible, I guess.

I guess I just want to know why it's doing this, and how to prevent it.
Disconnect the workstation from the network?
Configure the workstation to perform packet filtering of 168/169?
Determine which software is causing the and change it?


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message

Reply via email to