Handler on Duty: Johannes Ullrich
Threat Level: green
Loading...
|
|
Submitted By | Date |
---|---|
Comment | |
Kevin | 2011-11-30 03:43:06 |
Nov 29 14:01:16 phics kernel: AIF:UNPRIV UDP packet: IN=eth0 OUT= SRC=66.35.46.198 DST=x.x.x.x LEN=32 TOS=0x00 PREC=0x20 TTL=2 ID=267 PROTO=UDP SPT=11356 DPT=33436 LEN=12 Occurs twice a day in groups of 4. | |
Kevin | 2011-11-30 03:43:04 |
Nov 29 14:01:16 phics kernel: AIF:UNPRIV UDP packet: IN=eth0 OUT= SRC=66.35.46.198 DST=x.x.x.x LEN=32 TOS=0x00 PREC=0x20 TTL=2 ID=267 PROTO=UDP SPT=11356 DPT=33436 LEN=12 Occurs twice a day in groups of 4. | |
Kevin | 2011-11-30 03:42:56 |
I contacted Fortrust who owns 66.35.46.198 and they indicated that the UDP traffic on port 33436 was harmless. Here is their response: "The device is to ensure that our customers always have outbound internet bandwidth available and the best performance. Your ip address must have been detected and hence the probes. We have a lot of different customers and are mainly ecommerce and search engines. You probably access one of our customers websites on a daily basis." | |
2009-04-12 00:04:18 | |
Browsing to Overstock.com, or logging in to Overstock Auctions site, results in a traceroute hit on the firewall from IP: 67.110.107.9 on every visit. |
CVE # | Description |
---|