This is my edited log file of all probes and attempted attacks against my PC in recent weeks. The PC is connected to the Internet via a DSL modem via ISP SBIS. Because most people using DSL modems have somewhat static IP address attackers know exactly where to look for potential targets. To learn more about the intruder problem visit www.grc.com. To learn more about the Black Ice Defender firewall software visit www.networkice.com.
| Date | Time | Description | IP address | Hostname/Netbios name |
|---|---|---|---|---|
| Jan 23 2000 | 08:01:51 | TCP port scan | 206.58.83.8 | [Unknown] |
| Jan 23 2000 | 07:17:16 | UDP port probe | 206.58.83.8 | [Unknown] |
| Jan 21 2000 | 05:44:14 | NetBIOS port probe | 216.180.10.8 | tc06-216-180-10-8.dialup.HiWAAY.net |
| Jan 20 2000 | 06:01:01 | NetBIOS port probe | 208.190.220.99 | adsl-208-190-220-99.dsl.stlsmo.swbell.net |
| Jan 20 2000 | 02:49:13 | TCP port scan | 207.71.92.221 | shieldsup.grc.com |
| Jan 20 2000 | 00:28:24 | UDP port probe | 208.190.218.36 | adsl-208-190-218-36.dsl.stlsmo.swbell.net |
| Jan 17 2000 | 13:57:04 | ICMP subnet mask request | 132.201.163.166 | inmssl-a.sbc.com |
| Jan 15 2000 | 21:07:18 | UDP port probe | 208.190.216.208 | adsl-208-190-216-208.dsl.stlsmo.swbell.net |
| Jan 14 2000 | 09:00:52 | TCP port probe | 195.12.225.55 | pc7.teliauk.net |
| Jan 12 2000 | 00:48:00 | PCAnywhere ping | 216.63.51.227 | adsl-216-63-51-227.dsl.stlsmo.swbell.net |
| Jan 11 2000 | 23:34:00 | FTP port probe | 63.193.115.113 | adsl-63-193-115-113.dsl.snfc21.pacbell.net |
| Jan 10 2000 | 13:49:21 | SubSeven port probe | 209.214.9.51 | host-209-214-9-51.mia.bellsouth.net |
| Jan 8 2000 | 16:56:13 | PCAnywhere ping | 216.63.51.184 | adsl-216-63-51-184.dsl.stlsmo.swbell.net |
| Jan 7 2000 | 16:21:22 | FTP port probe | 202.219.66.159 | pppk159.wbs.ne.jp |
| Jan 7 2000 | 15:36:33 | Proxy port probe | 202.219.66.159 | pppk159.wbs.ne.jp |
| Jan 7 2000 | 01:32:46 | SOCKS port probe | 207.104.60.117 | ppp-207-104-60-117.sktn01.pacbell.net |
| Jan 7 2000 | 01:26:33 | PCAnywhere ping | 216.63.51.195 | adsl-216-63-51-195.dsl.stlsmo.swbell.net |
| Jan 6 2000 | 13:05:09 | TCP OS fingerprint | 216.63.53.227 | adsl-216-63-53-227.dsl.stlsmo.swbell.net |
| Jan 5 2000 | 13:56:18 | Back Orifice ping | 63.20.110.38 | 1Cust38.tnt20.chi5.da.uu.net |
| Jan 5 2000 | 07:33:43 | NetBus port probe | 194.29.56.31 | dialin-194-29-56-31.nuernberg.gigabell.net |
| Jan 5 2000 | 02:25:36 | PCAnywhere ping | 216.63.51.184 | adsl-216-63-51-184.dsl.stlsmo.swbell.net |
| Jan 5 2000 | 01:21:17 | RPC port probe | 210.107.65.65 | [Unknown] |
| Jan 4 2000 | 18:41:24 | UDP trojan horse probe | 24.95.68.112 | dhcp9568112.columbus.rr.com |
| Jan 4 2000 | 02:35:21 | RPC port probe | 206.170.13.4 | noc.refract.com |
| Jan 4 2000 | 01:22:26 | PCAnywhere ping | 216.63.51.82 | adsl-216-63-51-82.dsl.stlsmo.swbell.net |
| Jan 3 2000 | 04:01:13 | UDP trojan horse probe | 204.180.118.106 | max3-37.cei.net |
| Jan 2 2000 | 03:48:38 | PCAnywhere ping | 216.63.51.184 | adsl-216-63-51-184.dsl.stlsmo.swbell.net |
| Jan 1 2000 | 21:04:30 | SOCKS port probe | 151.197.13.92 | adsl-151-197-13-92.bellatlantic.net |
| Jan 1 2000 | 04:11:57 | PCAnywhere ping | 216.63.51.138 | adsl-216-63-51-138.dsl.stlsmo.swbell.net |
| Dec 31 1999 | 23:30:05 | TCP port scan | 207.71.92.221 | shieldsup.grc.com |
| Dec 31 1999 | 04:11:40 | DNS port probe | 12.9.162.4 | [Unknown] |
| Dec 31 1999 | 02:25:33 | Back Orifice ping | 4.3.208.14 | lsajca1-208-014.dsl.gtei.net |
| Dec 30 1999 | 21:27:55 | UDP port probe | 216.63.54.232 | adsl-216-63-54-232.dsl.stlsmo.swbell.net |
| Dec 30 1999 | 04:49:53 | PCAnywhere ping | 216.63.51.138 | adsl-216-63-51-138.dsl.stlsmo.swbell.net |
| Dec 30 1999 | 04:21:39 | PCAnywhere ping | 216.63.51.227 | ALLROY |
| Dec 29 1999 | 23:28:50 | UDP port probe | 216.63.51.138 | adsl-216-63-51-138.dsl.stlsmo.swbell.net |
| Dec 29 1999 | 11:25:57 | PCAnywhere ping | 216.63.51.195 | MERRICK-1 |
| Dec 29 1999 | 11:25:57 | UDP port probe | 216.63.51.195 | adsl-216-63-51-195.dsl.stlsmo.swbell.net |
| Dec 22 1999 | 23:12:48 | RPC port probe | 216.78.218.28 | adsl-78-218-28.rdu.bellsouth.net |
| Dec 20 1999 | 05:25:56 | NetBIOS port probe | 216.61.197.203 | ELWOOD |
| Dec 19 1999 | 19:21:29 | NetBIOS port probe | 216.63.53.140 | SERVER |
| Dec 17 1999 | 22:10:19 | NetBIOS port probe | 216.18.18.2 | frohike.tap.ca |
| Dec 17 1999 | 10:46:14 | TELNET port probe | 216.63.54.223 | adsl-216-63-54-223.dsl.stlsmo.swbell.net |
| Dec 16 1999 | 13:08:27 | TCP port probe | 216.129.11.141 | baron.virbrain.com |
| Dec 15 1999 | 17:44:06 | UDP port probe | 216.63.53.221 | adsl-216-63-53-221.dsl.stlsmo.swbell.net |
| Dec 14 1999 | 16:40:22 | FTP port probe | 24.27.11.228 | TIGGER |
| Dec 14 1999 | 00:24:29 | NetBIOS port probe | 216.63.53.140 | SERVER |
| Dec 13 1999 | 13:14:40 | ICMP subnet mask request | 132.201.163.166 | [Unknown] |
| Dec 13 1999 | 04:29:15 | NetBus probe | 209.156.160.145 | PC3 |
| Dec 11 1999 | 07:23:37 | TCP port scan | 63.208.47.203 | dialup-63.208.47.203.StLouis1.Level3.net |
| Dec 10 1999 | 11:24:06 | NetBIOS port probe | 216.63.52.127 | CORE |
| Dec 9 1999 | 20:39:58 | UDP port probe | 216.63.53.221 | adsl-216-63-53-221.dsl.stlsmo.swbell.net |
| Dec 9 1999 | 20:35:06 | UDP port probe | 216.63.49.180 | adsl-216-63-49-180.dsl.stlsmo.swbell.net |
| Dec 8 1999 | 20:50:48 | UDP trojan horse probe | 24.114.90.3 | CR325571-A |
| Dec 8 1999 | 17:10:14 | UDP port probe | 216.63.49.64 | adsl-216-63-49-64.dsl.stlsmo.swbell.net |
| Dec 6 1999 | 23:12:43 | NetBIOS port probe | 216.189.5.17 | SALES |
| Dec 5 1999 | 04:26:20 | TCP port probe | 151.164.128.17 | home.swbell.net |
| Dec 4 1999 | 00:35:49 | TCP trojan horse probe | 152.168.214.136 | 98A8D688.ipt.aol.com |
| Dec 2 1999 | 14:32:57 | WhatsUp scan | 151.142.252.11 | securit-v1.twc.com |
| Dec 2 1999 | 05:50:19 | NetBIOS port probe | 216.63.54.246 | CORE |
| Dec 1 1999 | 09:25:16 | NetBus probe | 24.24.146.27 | we-24-24-146-27.we.mediaone.net |
| Dec 1 1999 | 02:02:19 | TELNET port probe | 216.63.54.246 | CORE |
| Nov 30 1999 | 20:53:41 | NetBIOS port probe | 216.63.54.246 | CORE |
| Nov 30 1999 | 20:53:41 | TCP port probe | 216.63.54.246 | CORE |
| Nov 29 1999 | 01:22:42 | PCAnywhere ping | 216.63.54.203 | BIGBERTHA |
| Nov 28 1999 | 07:16:11 | TCP port probe | 151.164.128.17 | home.swbell.net |
| Nov 28 1999 | 02:59:00 | NetBIOS port probe | 216.61.114.48 | adsl-216-61-114-48.dsl.eulstx.swbell.net |
| Nov 27 1999 | 16:58:43 | TCP port probe | 206.151.152.3 | |
| Nov 25 1999 | 18:58:40 | RPC port probe | 194.47.217.196 | h55b127.delphi.afb.lu.se |
| Nov 24 1999 | 17:48:07 | PCAnywhere ping | 216.63.54.85 | JHOFFMANLAP |
| Nov 24 1999 | 01:22:56 | SOCKS port probe | 216.98.91.243 | ANNEWARD |
| Nov 20 1999 | 14:47:23 | TCP port probe | 170.1.173.182 | [Unknown] |
| Nov 20 1999 | 10:02:28 | RPC port probe | 12.29.12.35 | ns1.candlemart.com |
| Nov 20 1999 | 06:14:40 | TCP port scan | 207.71.92.221 | shieldsup.grc.com |
Generated by PERL scripts written by Robin Keir
http://members.home.com/rkeir/
Modified by Rob Anderson
http://home.swbell.net/anumber1/