Thinking...
[get complete service list]
Top of page
Port Information
Protocol Service Name
tcp --- ---
Top IPs Scanning
Today Yesterday
79.124.56.110 (8)85.217.149.62 (49)
185.91.127.85 (5)85.217.149.21 (48)
85.217.149.49 (4)85.217.149.36 (13)
45.142.193.16 (3)79.124.56.110 (4)
176.65.148.70 (3)176.65.148.58 (3)
85.217.140.19 (2)46.161.27.65 (3)
176.65.148.58 (2)176.65.148.70 (3)
100.27.42.194 (2)146.19.24.57 (2)
149.50.96.175 (2)142.251.45.206 (2)
91.191.209.118 (1)172.110.223.125 (2)
Port diary mentions
URL
A Bump in the Wire
Port 7212 spike
Top of page
User Comments
Submitted By Date
Comment
yourdatacenter.com 2008-07-27 04:11:45
Seeing a large number of scans on this TCP port from all over the world. All originate from TCP port 12200. Some form of exploit no doubt. I would explicitly block this port to be safe.
Don Smith for Daniel J one of our readers 2007-01-09 21:57:29
P2P applicaton framework gnucDNA http://www.gnucleus.com/GnucDNA
Lawrence Baldwin 2006-06-11 19:49:03
There are certain older versions of GhostSurf which fire up by default as a wide-open proxy, as I reported last year here: http://www.tenebril.com/src/advisories/open-proxy-relay.php
Deb Hale 2006-02-09 19:15:00
Associated with a product called GhostSurf by a company called Tenebril.
Top of page
CVE Links
CVE # Description
Top of page