Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

jjohn (22)

jjohn
  (email not shown publicly)
http://taskboy.com/
AOL IM: taskboy3000 (Add Buddy, Send Message)

Perl hack/Linux buff/OSS junkie.

Journal of jjohn (22)

Monday August 18, 2003
05:28 PM

Blaster hoses DSL

[ #14189 ]

Here's my firewall's incoming access log. Notice a pattern?

IP               PORT
-------------------------
217.187.133.15:  21
205.181.100.135: 113
205.181.100.135: 113
205.181.100.135: 113
141.149.180.20:  135
151.197.14.116:  135
151.201.112.178: 135
151.201.26.231:  135
151.202.16.79:   135
151.202.215.24:  135
151.202.215.44:  135
151.202.215.59:  135
151.202.215.61:  135
151.202.215.64:  135
151.203.47.97:   135
151.203.52.16:   135
151.203.52.167:  135
151.203.52.171:  135
151.203.52.176:  135
151.203.52.177:  135
151.203.52.94:   135
151.203.53.129:  135
151.203.53.28:   135
151.203.53.3:    135
151.203.54.141:  135
151.203.54.76:   135
151.203.54.80:   135
151.203.55.105:  135
151.203.55.132:  135
210.5.22.19:     135
210.5.22.20:     135
210.5.22.22:     135
69.144.221.229:  135
148.243.148.147: 137
200.158.167.235: 137
62.251.202.37:   137
64.216.69.17:    137
218.15.192.64:   1026
218.15.192.64:   1026
218.15.192.64:   1026
218.15.192.64:   1026
218.15.192.64:   1026
218.15.192.64:   1026
218.15.192.64:   1026
218.15.192.64:   1026
129.6.15.29:     4628
129.6.15.29:     4806
129.6.15.29:     4806
129.6.15.29:     4806
129.6.15.29:     4806
129.6.15.29:     4806
129.6.15.29:     4806
129.6.15.29:     4806
158.121.104.3:   44980
158.121.104.3:   44980
158.121.104.3:   45051
158.121.104.3:   45051
158.121.104.3:   45051
64.239.39.14:    45176
158.121.104.3:   45218
158.121.104.3:   45218
158.121.104.3:   45218
158.121.104.3:   45218
158.121.104.3:   45218
158.121.104.3:   45218

Thank you, MSBlaster. Thank you so f'ing much.

Dink!

Update: sobig -- you're a dink, too!

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • if you're on linux using ipchains or iptables, you might find my tailfilter script useful.

    I'd also be interested (if you are on a BSD-variant) in learning how to make it function for that type of firewall logging.

    Tailfilter [webdragon.net]