Having recently restarted my local opensim server I find that the access port is attracting a huge volume of what seem to be port probes. On the console it looks like this:
15:18:27 - [LLUDPSERVER]: Malformed data, cannot parse 28 byte packet from 109.170.204.74:10646: 15:18:27 - 23 5A 02 E3 2A F7 56 8B 79 D5 94 B4 26 78 C8 E2 2C 79 90 65 62 4D 2E 4E 9D CC 6B 89 15:20:34 - [LLUDPSERVER]: Malformed data, cannot parse 28 byte packet from 86.164.18.198:57353: 15:20:34 - 24 F0 02 A6 11 7F 18 8B 79 D5 94 B6 28 22 ED 60 BE 20 5A 4E 7F 9F 26 80 2F B6 C5 82 15:30:18 - [LLUDPSERVER]: Malformed data, cannot parse 28 byte packet from 174.118.94.143:3320: 15:30:18 - BE B9 02 9B 16 04 46 A4 36 2E 93 97 3E 5C C3 DA 02 20 D2 DA 5F A1 07 69 7F B4 B6 05 There are many hundreds of them throughout the day - often from the same source, often from a variety of souces. Leaving a port sniffer running (Wireshark) confirms that this is real. If I search on some of the IP addresses, some of them show up in Google as previous spambot or phishing sources. If I run 'ShieldsUp' it shows that the opensim port DOES respond if poked remotely. Has anyone seen this? Is it a problem? I would have thought that it would be better for the Opensim access port to be stealthy unless it receives a valid UDP packet? Regards, Kevin
_______________________________________________ Opensim-users mailing list [email protected] https://lists.berlios.de/mailman/listinfo/opensim-users
