Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
tcpdump reads this over and over
00:18:34.186711 arp who-has 24.12.192.231 tell 24.12.192.129
00:18:34.190451 arp who-has c1343283-a.clmba1.mo.home.com tell 24.16.157.1
00:18:34.190966 c911942-a.clmba1.mo.home.com.1025 >
ns1.home.net.domain: 2398[|domain]
00:18:34.239297 ns1.home.net.domain >
c911942-a.clmba1.mo.home.com.1025: 2398*[|domain]
00:18:34.255406 arp who-has c1680133-a.clmba1.mo.home.com tell 24.16.157.1
00:18:34.429992 arp who-has c1430312-a.clmba1.mo.home.com tell
24.12.192.129
00:18:34.550107 arp who-has c1450722-a.clmba1.mo.home.com tell 24.12.199.1
00:18:34.619025 arp who-has c384138-a.clmba1.mo.home.com tell 24.12.199.1
00:18:34.771929 arp who-has 24.16.157.202 tell 24.16.157.1
00:18:35.333398 arp who-has c1677233-a.clmba1.mo.home.com tell 24.16.157.1
00:18:35.580597 arp who-has c1251591-a.clmba1.mo.home.com tell 24.12.199.1
00:18:35.662958 arp who-has c874365-a.clmba1.mo.home.com tell 24.16.157.1
00:18:35.789315 arp who-has c216090-a.clmba1.mo.home.com tell 24.12.199.1
00:18:35.932064 arp who-has 24.16.157.66 tell 24.16.157.1
00:18:36.016145 arp who-has c1404516-a.clmba1.mo.home.com tell
65.6.249.129
00:18:36.031259 arp who-has c1410007-a.clmba1.mo.home.com tell 24.16.157.1
00:18:36.031802 c911942-a.clmba1.mo.home.com.1025 >
ns1.home.net.domain: 50701[|domain]
00:18:36.034283 arp who-has c376977-a.clmba1.mo.home.com tell 24.16.157.1
00:18:36.079378 ns1.home.net.domain >
c911942-a.clmba1.mo.home.com.1025: 50701* 1/2/2 (184)
00:18:36.310113 arp who-has c1590816-b.clmba1.mo.home.com tell 24.16.157.1
On Sun, 5 Aug 2001, c w wrote:
> I'm on @home too and the modem has been showing very
> busy for the past couple or three days. Doing an
> ethereal run, I'm seeing huge numbers of arps. Anyone
> know offhand if that's a byproduct of CodeRed? I'll
> try google...
>
> Chris
>
>
> --- Ian Monroe <EMAIL:PROTECTED> wrote:
> > I'll answer my own question. I just installed Apache
> > for Win32 and the log
> > is filling up. My cable modem is blinking a lot,
> > probably because I have
> > two IP address's on one modem. At incidents.org I
> > found a program that
> > *nix users can use:
> > http://www.unixwiz.net/tools/websnarf.html
> >
> > I checked some of the ip address's and none of them
> > are actual web
> > pages. They are all under construction or Error 403.
> > This makes
> > sense; people running servers when they don't even
> > realise it.
> >
> > It said on slashdot that it is the 24.* ip's that
> > are getting hit the
> > most, which is certainly the case (I have @home so I
> > have 24. ip address).
> >
> > Ian
>
>
> __________________________________________________
> Do You Yahoo!?
> Make international calls for as low as $.04/minute with Yahoo! Messenger
> http://phonecard.yahoo.com/
> --
> To manage your subscription, go to http://mlug.missouri.edu/members/edit.php
>
> Archives are available at http://mlug.missouri.edu/list-archives/
>
--
To manage your subscription, go to http://mlug.missouri.edu/members/edit.php
Archives are available at http://mlug.missouri.edu/list-archives/
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact