[caiu] NSA scan?

Luzemário luzemario at luzehost.com.br
Monday December 22 18:54:57 BRST 2014


Folks,

If it were a DDoS it would come from several hosts. It is not common for the
same IP to fire requests at so many hosts on the same port. I have already had
this on port 80, 22, 8080... it looks like someone searching for a backdoor.
The last source IP I investigated is from a city in NY. The IP changes from
time to time, but the pattern is the same. Always requests to the whole block
on the same port, several times.

block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.29:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.206:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.85:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.211:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.248:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.43:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.234:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.164:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.99:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.205:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.110:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.253:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.236:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.80:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.223:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.83:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.242:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.247:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.239:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.142:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.77:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.72:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.244:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.71:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.136:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.86:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.178:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.102:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.184:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.28:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.209:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.19:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.193:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.189:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.119:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.123:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.126:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.1:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.233:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.160:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.202:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.52:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.221:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.207:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.215:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.195:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.216:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.37:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.170:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.177:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.238:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.91:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.255:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.32:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.59:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.14:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.55:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.44:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.140:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.226:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.134:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.104:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.88:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.127:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.151:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.98:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.76:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.42:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.73:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.82:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.157:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.225:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.237:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.97:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.107:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.138:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.50:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.93:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.185:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.188:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.196:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.194:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.227:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.230:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.179:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.251:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.176:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.254:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.218:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.224:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.56:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.181:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.90:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.149:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.36:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.95:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.53:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.111:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.139:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.172:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.154:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.57:9064
TCP:S
block	Dec 22 18:37:24 	WAN 	   218.59.238.92:12200 	   200.0.81.96:9064
TCP:S

If this isn't the NSA, what else could it be?

Luzemário
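
The pattern this message describes (one source, one destination port, bare SYNs to many hosts of the block) can be flagged automatically from the same log. The following is an added example, not part of the original post; the regex assumes the column layout of the entries pasted above, and the sample entries are constructed with documentation address ranges.

```python
import re
from collections import defaultdict

# One filter-log entry in the layout pasted above; \s+ also absorbs the
# mail client's line wrap before "TCP:S".
ENTRY = re.compile(
    r"(?P<action>block|pass)\s+"
    r"(?P<ts>[A-Z][a-z]{2}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s+"
    r"(?P<iface>\S+)\s+"
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3}):(?P<sport>\d+)\s+"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3}):(?P<dport>\d+)\s+"
    r"(?P<proto>[A-Z]+):(?P<flags>[A-Z]+)"
)

def find_horizontal_scans(log_text, min_targets=5):
    """Return (src, dport, distinct_targets, probes) for each source that sent
    blocked bare-SYN packets to at least min_targets hosts on one port."""
    targets = defaultdict(set)
    probes = defaultdict(int)
    for m in ENTRY.finditer(log_text):
        if m["action"] != "block" or (m["proto"], m["flags"]) != ("TCP", "S"):
            continue
        key = (m["src"], int(m["dport"]))
        targets[key].add(m["dst"])
        probes[key] += 1
    hits = [(src, port, len(dsts), probes[(src, port)])
            for (src, port), dsts in targets.items() if len(dsts) >= min_targets]
    # Widest sweep first.
    return sorted(hits, key=lambda h: -h[2])

def _entry(src, dst, dport):
    # Hypothetical helper: renders one constructed entry, wrapped like the post's.
    return f"block\tDec 22 18:37:24 \tWAN \t   {src}:12200 \t   {dst}:{dport}\nTCP:S"

# Constructed sample (not the addresses in the post): one source sweeping six
# hosts on port 9064 twice, plus repeated SSH attempts from another source
# against a single host, which is not a sweep.
SAMPLE_LOG = "\n".join(
    [_entry("198.51.100.7", f"192.0.2.{h}", 9064) for h in (29, 206, 85, 211, 248, 43)] * 2
    + [_entry("203.0.113.50", "192.0.2.10", 22)] * 3
)

if __name__ == "__main__":
    for src, port, n_targets, n_probes in find_horizontal_scans(SAMPLE_LOG):
        print(f"{src} -> port {port}: {n_targets} hosts, {n_probes} SYNs")
```

Grouping on (source, port) and counting distinct destinations is what separates a sweep from repeated attempts against one host; because the source changes between sweeps, the same counting keyed on port alone would track the campaign across addresses.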

