Loading...
[get complete service list]
Top of page
Top of page
Port Information
Protocol Service Name
tcp mosaicsyssvc1 mosaicsyssvc1
udp mosaicsyssvc1 mosaicsyssvc1
tcp solarwindows N-Able Solarwinds plugin
Top IPs Scanning
Today Yesterday
109.205.213.113 (4)85.209.11.120 (22)
45.132.1.242 (4)137.74.17.17 (17)
64.39.106.60 (4)64.39.106.39 (8)
137.74.17.17 (3)78.159.113.246 (8)
165.154.224.79 (2)5.189.157.90 (6)
165.154.41.152 (2)109.205.213.113 (5)
85.209.11.120 (2)194.180.49.68 (4)
165.154.226.2 (1)45.144.227.8 (2)
43.133.133.33 (1)153.132.228.90 (2)
43.133.129.69 (1)151.106.8.109 (2)
User Comments
Submitted By Date
Comment
Bill Scherr 2018-08-22 13:32:00
Used as a destination port on outgoing traffic by the n-able solarwinds function. The destination IP will resolve to *.n-able.com. This is not malicious traffic.
Ahmad M. Alanazy 2006-09-15 23:05:42
suddenly we saw traffic on the local network from a spoofed IP address the source port is 1235 the destination starts from 65454 and ended at 65533 but most of the traffic was designated to these ports 65519 65520 65518 and target IP addresses are generated sequentially tcp flags are set to SYN ACK, because of this PIX firewall denied the traffic. TTL in IP header equals to 63, assuming that it started from 128, this means the packet hoped 65 hops which is impossible unless it when through loops, but once it is caught by a tempest it should not be able to break away and at the end a router or a 3L switch will discard the packet. This expels the hypothesis of routing loops and draws us towards the possibility of forged packet. the targets are considered in the private subnet but not used. back to the source port 1235, if the source is identical and destination ports are unique then we may say that the traffic is a return traffic but we could not confirm this.
Top of page
CVE Links
CVE # Description
Top of page