Куль хацкеры. "Атаки" за сегодня.
C
Copper_Kettle
Немалая доля из Ебурга :-)
Свой ip я заменил на XXX :
08/12/03 08:32:07 12.Aug.2003 02:32:07 GMT;141.155.150.202;1637;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 141.155.150.202:1637, protocol: TCP. TCP flags: SYN
08/12/03 08:32:49 12.Aug.2003 02:32:49 GMT;218.106.81.6;4072;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 218.106.81.6:4072, protocol: TCP. TCP flags: SYN
08/12/03 08:35:42 12.Aug.2003 02:35:42 GMT;211.106.74.53;3927;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 211.106.74.53:3927, protocol: TCP. TCP flags: SYN
08/12/03 08:38:28 12.Aug.2003 02:38:28 GMT;213.138.224.87;4083;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.138.224.87:4083, protocol: TCP. TCP flags: SYN
08/12/03 08:42:04 12.Aug.2003 02:42:04 GMT;207.173.210.77;4608;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 207.173.210.77:4608, protocol: TCP. TCP flags: SYN
08/12/03 08:42:18 12.Aug.2003 02:42:18 GMT;67.164.13.108;3829;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 67.164.13.108:3829, protocol: TCP. TCP flags: SYN
08/12/03 08:48:31 12.Aug.2003 02:48:31 GMT;211.218.183.119;4109;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 211.218.183.119:4109, protocol: TCP. TCP flags: SYN
08/12/03 08:48:59 12.Aug.2003 02:48:59 GMT;218.73.194.214;3848;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 218.73.194.214:3848, protocol: TCP. TCP flags: SYN
08/12/03 08:49:26 12.Aug.2003 02:49:26 GMT;213.138.232.8;1468;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.138.232.8:1468, protocol: TCP. TCP flags: SYN
08/12/03 08:49:39 12.Aug.2003 02:49:39 GMT;61.231.41.84;3879;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 61.231.41.84:3879, protocol: TCP. TCP flags: SYN
08/12/03 08:50:09 12.Aug.2003 02:50:09 GMT;213.140.121.48;4359;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.48:4359, protocol: TCP. TCP flags: SYN
08/12/03 08:57:41 12.Aug.2003 02:57:41 GMT;213.138.233.204;1348;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.138.233.204:1348, protocol: TCP. TCP flags: SYN
08/12/03 08:59:13 12.Aug.2003 02:59:13 GMT;213.140.121.115;4386;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.115:4386, protocol: TCP. TCP flags: SYN
08/12/03 08:59:30 12.Aug.2003 02:59:30 GMT;220.85.34.187;3992;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.85.34.187:3992, protocol: TCP. TCP flags: SYN
08/12/03 09:04:33 12.Aug.2003 03:04:33 GMT;218.91.234.190;3808;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 218.91.234.190:3808, protocol: TCP. TCP flags: SYN
08/12/03 09:09:39 12.Aug.2003 03:09:39 GMT;213.140.121.181;2033;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.181:2033, protocol: TCP. TCP flags: SYN
08/12/03 09:11:22 12.Aug.2003 03:11:22 GMT;221.167.236.248;3731;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 221.167.236.248:3731, protocol: TCP. TCP flags: SYN
08/12/03 09:16:34 12.Aug.2003 03:16:34 GMT;213.140.121.115;3424;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.115:3424, protocol: TCP. TCP flags: SYN
08/12/03 09:20:21 12.Aug.2003 03:20:21 GMT;213.140.126.54;3148;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.54:3148, protocol: TCP. TCP flags: SYN
08/12/03 09:25:04 12.Aug.2003 03:25:04 GMT;213.140.121.48;3447;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.48:3447, protocol: TCP. TCP flags: SYN
08/12/03 09:28:15 12.Aug.2003 03:28:15 GMT;64.207.82.78;4772;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 64.207.82.78:4772, protocol: TCP. TCP flags: SYN
08/12/03 09:30:05 12.Aug.2003 03:30:05 GMT;213.140.126.2;2912;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.2:2912, protocol: TCP. TCP flags: SYN
08/12/03 09:31:02 12.Aug.2003 03:31:02 GMT;213.138.233.52;4556;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.138.233.52:4556, protocol: TCP. TCP flags: SYN
08/12/03 09:32:44 12.Aug.2003 03:32:44 GMT;61.149.39.151;35129;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 61.149.39.151:35129, protocol: TCP. TCP flags: SYN
08/12/03 09:33:17 12.Aug.2003 03:33:17 GMT;220.114.2.192;3541;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.114.2.192:3541, protocol: TCP. TCP flags: SYN
08/12/03 09:36:36 12.Aug.2003 03:36:36 GMT;220.109.153.214;4524;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.109.153.214:4524, protocol: TCP. TCP flags: SYN
08/12/03 09:44:50 12.Aug.2003 03:44:50 GMT;213.106.105.223;1627;213.140.120.XXX;445;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:445 from 213.106.105.223:1627, protocol: TCP. TCP flags: SYN
08/12/03 09:56:06 12.Aug.2003 03:56:06 GMT;221.155.110.179;3801;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 221.155.110.179:3801, protocol: TCP. TCP flags: SYN
08/12/03 09:57:17 12.Aug.2003 03:57:17 GMT;221.167.34.43;4144;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 221.167.34.43:4144, protocol: TCP. TCP flags: SYN
08/12/03 09:57:29 12.Aug.2003 03:57:29 GMT;172.182.71.150;4672;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 172.182.71.150:4672, protocol: TCP. TCP flags: SYN
08/12/03 09:57:29 12.Aug.2003 03:57:29 GMT;213.140.121.48;3120;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.48:3120, protocol: TCP. TCP flags: SYN
08/12/03 10:07:17 12.Aug.2003 04:07:17 GMT;61.98.172.32;64517;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 61.98.172.32:64517, protocol: TCP. TCP flags: SYN
08/12/03 10:07:37 12.Aug.2003 04:07:37 GMT;61.187.227.21;4012;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 61.187.227.21:4012, protocol: TCP. TCP flags: SYN
08/12/03 10:09:20 12.Aug.2003 04:09:20 GMT;200.104.75.247;3779;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 200.104.75.247:3779, protocol: TCP. TCP flags: SYN
08/12/03 10:13:20 12.Aug.2003 04:13:20 GMT;24.34.159.159;4163;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 24.34.159.159:4163, protocol: TCP. TCP flags: SYN
08/12/03 10:16:31 12.Aug.2003 04:16:31 GMT;213.140.121.181;4110;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.181:4110, protocol: TCP. TCP flags: SYN
08/12/03 10:16:34 12.Aug.2003 04:16:34 GMT;213.140.121.181;4110;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.181:4110, protocol: TCP. TCP flags: SYN
08/12/03 10:16:41 12.Aug.2003 04:16:41 GMT;213.140.121.181;4110;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.181:4110, protocol: TCP. TCP flags: SYN
08/12/03 10:22:06 12.Aug.2003 04:22:06 GMT;211.119.189.129;4128;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 211.119.189.129:4128, protocol: TCP. TCP flags: SYN
08/12/03 10:23:00 12.Aug.2003 04:23:00 GMT;24.197.95.59;3729;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 24.197.95.59:3729, protocol: TCP. TCP flags: SYN
08/12/03 10:23:20 12.Aug.2003 04:23:20 GMT;219.196.240.158;3871;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 219.196.240.158:3871, protocol: TCP. TCP flags: SYN
08/12/03 10:23:21 12.Aug.2003 04:23:21 GMT;217.226.81.115;4222;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 217.226.81.115:4222, protocol: TCP. TCP flags: SYN
08/12/03 10:29:57 12.Aug.2003 04:29:57 GMT;206.253.61.191;3889;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 206.253.61.191:3889, protocol: TCP. TCP flags: SYN
08/12/03 10:33:48 12.Aug.2003 04:33:48 GMT;67.74.231.55;4194;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 67.74.231.55:4194, protocol: TCP. TCP flags: SYN
08/12/03 10:34:00 12.Aug.2003 04:34:00 GMT;213.140.126.85;3843;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.85:3843, protocol: TCP. TCP flags: SYN
08/12/03 10:34:03 12.Aug.2003 04:34:03 GMT;213.138.232.39;4790;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.138.232.39:4790, protocol: TCP. TCP flags: SYN
08/12/03 10:43:55 12.Aug.2003 04:43:55 GMT;12.144.8.80;1481;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 12.144.8.80:1481, protocol: TCP. TCP flags: SYN
08/12/03 10:43:58 12.Aug.2003 04:43:58 GMT;12.144.8.80;1481;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 12.144.8.80:1481, protocol: TCP. TCP flags: SYN
08/12/03 10:44:30 12.Aug.2003 04:44:30 GMT;202.102.138.19;3201;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 202.102.138.19:3201, protocol: TCP. TCP flags: SYN
08/12/03 10:46:50 12.Aug.2003 04:46:50 GMT;12.210.16.82;3866;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 12.210.16.82:3866, protocol: TCP. TCP flags: SYN
08/12/03 10:47:03 12.Aug.2003 04:47:03 GMT;218.66.212.101;3710;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 218.66.212.101:3710, protocol: TCP. TCP flags: SYN
08/12/03 10:49:49 12.Aug.2003 04:49:49 GMT;12.89.75.180;3852;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 12.89.75.180:3852, protocol: TCP. TCP flags: SYN
08/12/03 10:53:25 12.Aug.2003 04:53:25 GMT;210.120.60.9;46499;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 210.120.60.9:46499, protocol: TCP. TCP flags: SYN
08/12/03 11:03:04 12.Aug.2003 05:03:04 GMT;213.138.50.30;1605;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.138.50.30:1605, protocol: TCP. TCP flags: SYN
08/12/03 11:12:22 12.Aug.2003 05:12:22 GMT;211.59.206.184;3748;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 211.59.206.184:3748, protocol: TCP. TCP flags: SYN
08/12/03 11:12:25 12.Aug.2003 05:12:25 GMT;211.59.206.184;3748;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 211.59.206.184:3748, protocol: TCP. TCP flags: SYN
08/12/03 11:14:43 12.Aug.2003 05:14:43 GMT;68.74.115.190;1232;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 68.74.115.190:1232, protocol: TCP. TCP flags: SYN
08/12/03 11:16:07 12.Aug.2003 05:16:07 GMT;213.134.250.28;4770;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.134.250.28:4770, protocol: TCP. TCP flags: SYN
08/12/03 11:16:53 12.Aug.2003 05:16:53 GMT;66.98.128.37;1099;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 66.98.128.37:1099, protocol: TCP. TCP flags: SYN
08/12/03 11:23:30 12.Aug.2003 05:23:30 GMT;81.103.84.178;1276;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 81.103.84.178:1276, protocol: TCP. TCP flags: SYN
08/12/03 11:24:00 12.Aug.2003 05:24:00 GMT;24.161.113.192;2344;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 24.161.113.192:2344, protocol: TCP. TCP flags: SYN
08/12/03 11:24:17 12.Aug.2003 05:24:17 GMT;211.227.194.228;3777;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 211.227.194.228:3777, protocol: TCP. TCP flags: SYN
08/12/03 11:25:19 12.Aug.2003 05:25:19 GMT;213.140.96.60;2963;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.96.60:2963, protocol: TCP. TCP flags: SYN
08/12/03 11:25:22 12.Aug.2003 05:25:22 GMT;213.140.96.60;2963;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.96.60:2963, protocol: TCP. TCP flags: SYN
08/12/03 11:31:41 12.Aug.2003 05:31:41 GMT;212.23.75.190;4068;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 212.23.75.190:4068, protocol: TCP. TCP flags: SYN
08/12/03 11:32:36 12.Aug.2003 05:32:36 GMT;213.140.111.230;3798;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.111.230:3798, protocol: TCP. TCP flags: SYN
08/12/03 11:32:39 12.Aug.2003 05:32:39 GMT;213.140.111.230;3798;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.111.230:3798, protocol: TCP. TCP flags: SYN
08/12/03 11:32:39 12.Aug.2003 05:32:39 GMT;218.73.135.165;3880;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 218.73.135.165:3880, protocol: TCP. TCP flags: SYN
08/12/03 11:33:38 12.Aug.2003 05:33:38 GMT;213.138.226.90;1851;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.138.226.90:1851, protocol: TCP. TCP flags: SYN
08/12/03 11:35:09 12.Aug.2003 05:35:09 GMT;200.214.105.30;3977;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 200.214.105.30:3977, protocol: TCP. TCP flags: SYN
08/12/03 11:41:15 12.Aug.2003 05:41:15 GMT;213.140.126.104;4815;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.104:4815, protocol: TCP. TCP flags: SYN
08/12/03 11:43:37 12.Aug.2003 05:43:37 GMT;65.165.244.76;3853;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 65.165.244.76:3853, protocol: TCP. TCP flags: SYN
08/12/03 11:43:40 12.Aug.2003 05:43:40 GMT;65.165.244.76;3853;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 65.165.244.76:3853, protocol: TCP. TCP flags: SYN
08/12/03 11:43:40 12.Aug.2003 05:43:40 GMT;210.149.122.81;3873;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 210.149.122.81:3873, protocol: TCP. TCP flags: SYN
08/12/03 11:43:43 12.Aug.2003 05:43:43 GMT;210.149.122.81;3873;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 210.149.122.81:3873, protocol: TCP. TCP flags: SYN
08/12/03 11:43:43 12.Aug.2003 05:43:43 GMT;213.140.120.5;2325;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.5:2325, protocol: TCP. TCP flags: SYN
08/12/03 11:43:46 12.Aug.2003 05:43:46 GMT;65.165.244.76;3853;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 65.165.244.76:3853, protocol: TCP. TCP flags: SYN
08/12/03 11:44:11 12.Aug.2003 05:44:11 GMT;213.140.126.15;4712;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.15:4712, protocol: TCP. TCP flags: SYN
08/12/03 11:52:39 12.Aug.2003 05:52:39 GMT;213.140.120.67;4500;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.67:4500, protocol: TCP. TCP flags: SYN
08/12/03 11:52:42 12.Aug.2003 05:52:42 GMT;213.140.120.67;4500;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.67:4500, protocol: TCP. TCP flags: SYN
08/12/03 11:54:06 12.Aug.2003 05:54:06 GMT;213.140.120.83;4609;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.83:4609, protocol: TCP. TCP flags: SYN
08/12/03 11:55:56 12.Aug.2003 05:55:56 GMT;213.140.120.64;1929;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.64:1929, protocol: TCP. TCP flags: SYN
08/12/03 11:55:59 12.Aug.2003 05:55:59 GMT;213.140.120.64;1929;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.64:1929, protocol: TCP. TCP flags: SYN
08/12/03 11:56:05 12.Aug.2003 05:56:05 GMT;213.140.120.64;1929;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.64:1929, protocol: TCP. TCP flags: SYN
08/12/03 11:59:09 12.Aug.2003 05:59:09 GMT;202.119.45.169;1711;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 202.119.45.169:1711, protocol: TCP. TCP flags: SYN
08/12/03 11:59:44 12.Aug.2003 05:59:44 GMT;220.83.194.130;1076;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.83.194.130:1076, protocol: TCP. TCP flags: SYN
08/12/03 12:00:26 12.Aug.2003 06:00:26 GMT;213.139.230.86;2654;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.139.230.86:2654, protocol: TCP. TCP flags: SYN
08/12/03 12:00:43 12.Aug.2003 06:00:43 GMT;219.133.70.241;3897;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 219.133.70.241:3897, protocol: TCP. TCP flags: SYN
08/12/03 12:01:23 12.Aug.2003 06:01:23 GMT;213.140.118.110;3433;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.118.110:3433, protocol: TCP. TCP flags: SYN
08/12/03 12:01:25 12.Aug.2003 06:01:25 GMT;213.140.118.110;3433;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.118.110:3433, protocol: TCP. TCP flags: SYN
08/12/03 12:07:48 12.Aug.2003 06:07:48 GMT;213.134.172.75;4473;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.134.172.75:4473, protocol: TCP. TCP flags: SYN
08/12/03 12:09:35 12.Aug.2003 06:09:35 GMT;213.140.98.131;2861;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.98.131:2861, protocol: TCP. TCP flags: SYN
08/12/03 12:09:38 12.Aug.2003 06:09:38 GMT;213.140.98.131;2861;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.98.131:2861, protocol: TCP. TCP flags: SYN
08/12/03 12:09:44 12.Aug.2003 06:09:44 GMT;213.140.98.131;2861;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.98.131:2861, protocol: TCP. TCP flags: SYN
08/12/03 12:13:36 12.Aug.2003 06:13:36 GMT;219.108.3.178;3865;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 219.108.3.178:3865, protocol: TCP. TCP flags: SYN
08/12/03 12:16:58 12.Aug.2003 06:16:58 GMT;220.76.223.24;4177;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.76.223.24:4177, protocol: TCP. TCP flags: SYN
08/12/03 12:17:01 12.Aug.2003 06:17:01 GMT;220.76.223.24;4177;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.76.223.24:4177, protocol: TCP. TCP flags: SYN
08/12/03 12:17:07 12.Aug.2003 06:17:07 GMT;220.76.223.24;4177;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.76.223.24:4177, protocol: TCP. TCP flags: SYN
08/12/03 12:17:28 12.Aug.2003 06:17:28 GMT;198.172.93.130;2995;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 198.172.93.130:2995, protocol: TCP. TCP flags: SYN
08/12/03 12:17:31 12.Aug.2003 06:17:31 GMT;198.172.93.130;2995;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 198.172.93.130:2995, protocol: TCP. TCP flags: SYN
08/12/03 12:19:08 12.Aug.2003 06:19:08 GMT;220.85.178.94;3944;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.85.178.94:3944, protocol: TCP. TCP flags: SYN
08/12/03 12:19:10 12.Aug.2003 06:19:10 GMT;213.140.120.5;1325;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.5:1325, protocol: TCP. TCP flags: SYN
08/12/03 12:19:13 12.Aug.2003 06:19:13 GMT;213.140.120.5;1325;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.5:1325, protocol: TCP. TCP flags: SYN
08/12/03 12:19:30 12.Aug.2003 06:19:30 GMT;69.144.21.222;3864;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 69.144.21.222:3864, protocol: TCP. TCP flags: SYN
08/12/03 12:25:07 12.Aug.2003 06:25:07 GMT;213.134.96.56;1268;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.134.96.56:1268, protocol: TCP. TCP flags: SYN
08/12/03 12:25:10 12.Aug.2003 06:25:10 GMT;213.134.96.56;1268;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.134.96.56:1268, protocol: TCP. TCP flags: SYN
08/12/03 12:26:19 12.Aug.2003 06:26:19 GMT;67.40.177.19;4461;213.140.120.XXX;17300;TCP;Kuang2 the virus The Firewall has blocked a connection attempt made to 213.140.120.XXX:17300 from 67.40.177.19:4461, protocol: TCP. Known virus to attack on this port: Kuang2 the virus
08/12/03 12:26:39 12.Aug.2003 06:26:39 GMT;82.82.116.137;4907;213.140.120.XXX;21;TCP;Back Construction, Blade Runner, Doly Trojan, Fore, Invisible FTP, Juggernaut 42 , Larva, MotIv FTP, Net Administrator, Senna Spy FTP server, Traitor 21, WebEx, WinCrash The Firewall has blocked a connection attempt made to 213.140.120.XXX:21 from 82.82.116.137:4907, protocol: TCP. Known virus to attack on this port: Back Construction, Blade Runner, Doly Trojan, Fore, Invisible FTP, Juggernaut 42 , Larva, MotIv FTP, Net Administrator, Senna Spy FTP server, Traitor 21, WebEx, WinCrash
08/12/03 12:26:42 12.Aug.2003 06:26:42 GMT;82.82.116.137;4907;213.140.120.XXX;21;TCP;Back Construction, Blade Runner, Doly Trojan, Fore, Invisible FTP, Juggernaut 42 , Larva, MotIv FTP, Net Administrator, Senna Spy FTP server, Traitor 21, WebEx, WinCrash The Firewall has blocked a connection attempt made to 213.140.120.XXX:21 from 82.82.116.137:4907, protocol: TCP. Known virus to attack on this port: Back Construction, Blade Runner, Doly Trojan, Fore, Invisible FTP, Juggernaut 42 , Larva, MotIv FTP, Net Administrator, Senna Spy FTP server, Traitor 21, WebEx, WinCrash
08/12/03 12:26:48 12.Aug.2003 06:26:48 GMT;82.82.116.137;4907;213.140.120.XXX;21;TCP;Back Construction, Blade Runner, Doly Trojan, Fore, Invisible FTP, Juggernaut 42 , Larva, MotIv FTP, Net Administrator, Senna Spy FTP server, Traitor 21, WebEx, WinCrash The Firewall has blocked a connection attempt made to 213.140.120.XXX:21 from 82.82.116.137:4907, protocol: TCP. Known virus to attack on this port: Back Construction, Blade Runner, Doly Trojan, Fore, Invisible FTP, Juggernaut 42 , Larva, MotIv FTP, Net Administrator, Senna Spy FTP server, Traitor 21, WebEx, WinCrash
08/12/03 12:29:17 12.Aug.2003 06:29:17 GMT;200.43.132.87;4100;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 200.43.132.87:4100, protocol: TCP. TCP flags: SYN
08/12/03 12:32:41 12.Aug.2003 06:32:41 GMT;61.111.210.192;3899;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 61.111.210.192:3899, protocol: TCP. TCP flags: SYN
08/12/03 12:34:01 12.Aug.2003 06:34:01 GMT;213.140.120.235;1926;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.235:1926, protocol: TCP. TCP flags: SYN
08/12/03 12:34:04 12.Aug.2003 06:34:04 GMT;213.140.120.235;1926;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.235:1926, protocol: TCP. TCP flags: SYN
08/12/03 12:44:14 12.Aug.2003 06:44:14 GMT;61.249.17.102;55973;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 61.249.17.102:55973, protocol: TCP. TCP flags: SYN
08/12/03 12:44:25 12.Aug.2003 06:44:25 GMT;213.140.120.159;1159;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.159:1159, protocol: TCP. TCP flags: SYN
08/12/03 12:44:42 12.Aug.2003 06:44:42 GMT;213.140.187.162;4209;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:4209, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 12:44:45 12.Aug.2003 06:44:45 GMT;213.140.187.162;4209;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:4209, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 12:44:51 12.Aug.2003 06:44:51 GMT;213.140.187.162;4209;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:4209, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 12:50:24 12.Aug.2003 06:50:24 GMT;213.140.187.162;3465;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:3465, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 12:50:27 12.Aug.2003 06:50:27 GMT;213.140.187.162;3465;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:3465, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 12:50:33 12.Aug.2003 06:50:33 GMT;213.140.187.162;3465;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:3465, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 12:53:37 12.Aug.2003 06:53:37 GMT;61.138.247.117;3541;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 61.138.247.117:3541, protocol: TCP. TCP flags: SYN
08/12/03 12:57:21 12.Aug.2003 06:57:21 GMT;219.145.104.212;3840;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 219.145.104.212:3840, protocol: TCP. TCP flags: SYN
08/12/03 13:05:27 12.Aug.2003 07:05:27 GMT;213.140.187.162;4574;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:4574, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 13:05:29 12.Aug.2003 07:05:29 GMT;213.140.187.162;4574;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:4574, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 13:05:35 12.Aug.2003 07:05:35 GMT;213.140.187.162;4574;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:4574, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 13:13:29 12.Aug.2003 07:13:29 GMT;66.98.128.37;1816;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 66.98.128.37:1816, protocol: TCP. TCP flags: SYN
08/12/03 13:13:32 12.Aug.2003 07:13:32 GMT;213.140.126.72;3946;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.72:3946, protocol: TCP. TCP flags: SYN
08/12/03 13:13:35 12.Aug.2003 07:13:35 GMT;213.140.126.72;3946;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.72:3946, protocol: TCP. TCP flags: SYN
08/12/03 13:20:49 12.Aug.2003 07:20:49 GMT;220.186.167.6;3795;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.186.167.6:3795, protocol: TCP. TCP flags: SYN
08/12/03 13:21:43 12.Aug.2003 07:21:43 GMT;213.135.224.4;3465;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.135.224.4:3465, protocol: TCP. TCP flags: SYN
08/12/03 13:25:00 12.Aug.2003 07:25:00 GMT;213.140.118.28;2192;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.118.28:2192, protocol: TCP. TCP flags: SYN
08/12/03 13:26:30 12.Aug.2003 07:26:30 GMT;213.140.187.162;3221;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:3221, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 13:26:33 12.Aug.2003 07:26:33 GMT;213.140.187.162;3221;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:3221, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 13:26:54 12.Aug.2003 07:26:54 GMT;213.140.126.48;3078;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.48:3078, protocol: TCP. TCP flags: SYN
08/12/03 13:27:13 12.Aug.2003 07:27:13 GMT;213.140.102.81;2911;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.102.81:2911, protocol: TCP. TCP flags: SYN
08/12/03 13:27:16 12.Aug.2003 07:27:16 GMT;213.140.102.81;2911;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.102.81:2911, protocol: TCP. TCP flags: SYN
08/12/03 13:31:51 12.Aug.2003 07:31:51 GMT;213.140.98.26;3397;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.98.26:3397, protocol: TCP. TCP flags: SYN
08/12/03 13:32:28 12.Aug.2003 07:32:28 GMT;213.140.126.20;3219;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.20:3219, protocol: TCP. TCP flags: SYN
08/12/03 13:36:59 12.Aug.2003 07:36:59 GMT;217.235.18.148;2244;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 217.235.18.148:2244, protocol: TCP. TCP flags: SYN
[Сообщение изменено пользователем 12.08.2003 13:39]
Свой ip я заменил на XXX :
08/12/03 08:32:07 12.Aug.2003 02:32:07 GMT;141.155.150.202;1637;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 141.155.150.202:1637, protocol: TCP. TCP flags: SYN
08/12/03 08:32:49 12.Aug.2003 02:32:49 GMT;218.106.81.6;4072;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 218.106.81.6:4072, protocol: TCP. TCP flags: SYN
08/12/03 08:35:42 12.Aug.2003 02:35:42 GMT;211.106.74.53;3927;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 211.106.74.53:3927, protocol: TCP. TCP flags: SYN
08/12/03 08:38:28 12.Aug.2003 02:38:28 GMT;213.138.224.87;4083;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.138.224.87:4083, protocol: TCP. TCP flags: SYN
08/12/03 08:42:04 12.Aug.2003 02:42:04 GMT;207.173.210.77;4608;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 207.173.210.77:4608, protocol: TCP. TCP flags: SYN
08/12/03 08:42:18 12.Aug.2003 02:42:18 GMT;67.164.13.108;3829;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 67.164.13.108:3829, protocol: TCP. TCP flags: SYN
08/12/03 08:48:31 12.Aug.2003 02:48:31 GMT;211.218.183.119;4109;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 211.218.183.119:4109, protocol: TCP. TCP flags: SYN
08/12/03 08:48:59 12.Aug.2003 02:48:59 GMT;218.73.194.214;3848;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 218.73.194.214:3848, protocol: TCP. TCP flags: SYN
08/12/03 08:49:26 12.Aug.2003 02:49:26 GMT;213.138.232.8;1468;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.138.232.8:1468, protocol: TCP. TCP flags: SYN
08/12/03 08:49:39 12.Aug.2003 02:49:39 GMT;61.231.41.84;3879;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 61.231.41.84:3879, protocol: TCP. TCP flags: SYN
08/12/03 08:50:09 12.Aug.2003 02:50:09 GMT;213.140.121.48;4359;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.48:4359, protocol: TCP. TCP flags: SYN
08/12/03 08:57:41 12.Aug.2003 02:57:41 GMT;213.138.233.204;1348;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.138.233.204:1348, protocol: TCP. TCP flags: SYN
08/12/03 08:59:13 12.Aug.2003 02:59:13 GMT;213.140.121.115;4386;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.115:4386, protocol: TCP. TCP flags: SYN
08/12/03 08:59:30 12.Aug.2003 02:59:30 GMT;220.85.34.187;3992;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.85.34.187:3992, protocol: TCP. TCP flags: SYN
08/12/03 09:04:33 12.Aug.2003 03:04:33 GMT;218.91.234.190;3808;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 218.91.234.190:3808, protocol: TCP. TCP flags: SYN
08/12/03 09:09:39 12.Aug.2003 03:09:39 GMT;213.140.121.181;2033;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.181:2033, protocol: TCP. TCP flags: SYN
08/12/03 09:11:22 12.Aug.2003 03:11:22 GMT;221.167.236.248;3731;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 221.167.236.248:3731, protocol: TCP. TCP flags: SYN
08/12/03 09:16:34 12.Aug.2003 03:16:34 GMT;213.140.121.115;3424;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.115:3424, protocol: TCP. TCP flags: SYN
08/12/03 09:20:21 12.Aug.2003 03:20:21 GMT;213.140.126.54;3148;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.54:3148, protocol: TCP. TCP flags: SYN
08/12/03 09:25:04 12.Aug.2003 03:25:04 GMT;213.140.121.48;3447;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.48:3447, protocol: TCP. TCP flags: SYN
08/12/03 09:28:15 12.Aug.2003 03:28:15 GMT;64.207.82.78;4772;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 64.207.82.78:4772, protocol: TCP. TCP flags: SYN
08/12/03 09:30:05 12.Aug.2003 03:30:05 GMT;213.140.126.2;2912;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.2:2912, protocol: TCP. TCP flags: SYN
08/12/03 09:31:02 12.Aug.2003 03:31:02 GMT;213.138.233.52;4556;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.138.233.52:4556, protocol: TCP. TCP flags: SYN
08/12/03 09:32:44 12.Aug.2003 03:32:44 GMT;61.149.39.151;35129;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 61.149.39.151:35129, protocol: TCP. TCP flags: SYN
08/12/03 09:33:17 12.Aug.2003 03:33:17 GMT;220.114.2.192;3541;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.114.2.192:3541, protocol: TCP. TCP flags: SYN
08/12/03 09:36:36 12.Aug.2003 03:36:36 GMT;220.109.153.214;4524;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.109.153.214:4524, protocol: TCP. TCP flags: SYN
08/12/03 09:44:50 12.Aug.2003 03:44:50 GMT;213.106.105.223;1627;213.140.120.XXX;445;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:445 from 213.106.105.223:1627, protocol: TCP. TCP flags: SYN
08/12/03 09:56:06 12.Aug.2003 03:56:06 GMT;221.155.110.179;3801;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 221.155.110.179:3801, protocol: TCP. TCP flags: SYN
08/12/03 09:57:17 12.Aug.2003 03:57:17 GMT;221.167.34.43;4144;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 221.167.34.43:4144, protocol: TCP. TCP flags: SYN
08/12/03 09:57:29 12.Aug.2003 03:57:29 GMT;172.182.71.150;4672;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 172.182.71.150:4672, protocol: TCP. TCP flags: SYN
08/12/03 09:57:29 12.Aug.2003 03:57:29 GMT;213.140.121.48;3120;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.48:3120, protocol: TCP. TCP flags: SYN
08/12/03 10:07:17 12.Aug.2003 04:07:17 GMT;61.98.172.32;64517;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 61.98.172.32:64517, protocol: TCP. TCP flags: SYN
08/12/03 10:07:37 12.Aug.2003 04:07:37 GMT;61.187.227.21;4012;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 61.187.227.21:4012, protocol: TCP. TCP flags: SYN
08/12/03 10:09:20 12.Aug.2003 04:09:20 GMT;200.104.75.247;3779;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 200.104.75.247:3779, protocol: TCP. TCP flags: SYN
08/12/03 10:13:20 12.Aug.2003 04:13:20 GMT;24.34.159.159;4163;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 24.34.159.159:4163, protocol: TCP. TCP flags: SYN
08/12/03 10:16:31 12.Aug.2003 04:16:31 GMT;213.140.121.181;4110;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.181:4110, protocol: TCP. TCP flags: SYN
08/12/03 10:16:34 12.Aug.2003 04:16:34 GMT;213.140.121.181;4110;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.181:4110, protocol: TCP. TCP flags: SYN
08/12/03 10:16:41 12.Aug.2003 04:16:41 GMT;213.140.121.181;4110;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.121.181:4110, protocol: TCP. TCP flags: SYN
08/12/03 10:22:06 12.Aug.2003 04:22:06 GMT;211.119.189.129;4128;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 211.119.189.129:4128, protocol: TCP. TCP flags: SYN
08/12/03 10:23:00 12.Aug.2003 04:23:00 GMT;24.197.95.59;3729;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 24.197.95.59:3729, protocol: TCP. TCP flags: SYN
08/12/03 10:23:20 12.Aug.2003 04:23:20 GMT;219.196.240.158;3871;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 219.196.240.158:3871, protocol: TCP. TCP flags: SYN
08/12/03 10:23:21 12.Aug.2003 04:23:21 GMT;217.226.81.115;4222;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 217.226.81.115:4222, protocol: TCP. TCP flags: SYN
08/12/03 10:29:57 12.Aug.2003 04:29:57 GMT;206.253.61.191;3889;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 206.253.61.191:3889, protocol: TCP. TCP flags: SYN
08/12/03 10:33:48 12.Aug.2003 04:33:48 GMT;67.74.231.55;4194;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 67.74.231.55:4194, protocol: TCP. TCP flags: SYN
08/12/03 10:34:00 12.Aug.2003 04:34:00 GMT;213.140.126.85;3843;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.85:3843, protocol: TCP. TCP flags: SYN
08/12/03 10:34:03 12.Aug.2003 04:34:03 GMT;213.138.232.39;4790;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.138.232.39:4790, protocol: TCP. TCP flags: SYN
08/12/03 10:43:55 12.Aug.2003 04:43:55 GMT;12.144.8.80;1481;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 12.144.8.80:1481, protocol: TCP. TCP flags: SYN
08/12/03 10:43:58 12.Aug.2003 04:43:58 GMT;12.144.8.80;1481;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 12.144.8.80:1481, protocol: TCP. TCP flags: SYN
08/12/03 10:44:30 12.Aug.2003 04:44:30 GMT;202.102.138.19;3201;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 202.102.138.19:3201, protocol: TCP. TCP flags: SYN
08/12/03 10:46:50 12.Aug.2003 04:46:50 GMT;12.210.16.82;3866;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 12.210.16.82:3866, protocol: TCP. TCP flags: SYN
08/12/03 10:47:03 12.Aug.2003 04:47:03 GMT;218.66.212.101;3710;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 218.66.212.101:3710, protocol: TCP. TCP flags: SYN
08/12/03 10:49:49 12.Aug.2003 04:49:49 GMT;12.89.75.180;3852;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 12.89.75.180:3852, protocol: TCP. TCP flags: SYN
08/12/03 10:53:25 12.Aug.2003 04:53:25 GMT;210.120.60.9;46499;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 210.120.60.9:46499, protocol: TCP. TCP flags: SYN
08/12/03 11:03:04 12.Aug.2003 05:03:04 GMT;213.138.50.30;1605;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.138.50.30:1605, protocol: TCP. TCP flags: SYN
08/12/03 11:12:22 12.Aug.2003 05:12:22 GMT;211.59.206.184;3748;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 211.59.206.184:3748, protocol: TCP. TCP flags: SYN
08/12/03 11:12:25 12.Aug.2003 05:12:25 GMT;211.59.206.184;3748;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 211.59.206.184:3748, protocol: TCP. TCP flags: SYN
08/12/03 11:14:43 12.Aug.2003 05:14:43 GMT;68.74.115.190;1232;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 68.74.115.190:1232, protocol: TCP. TCP flags: SYN
08/12/03 11:16:07 12.Aug.2003 05:16:07 GMT;213.134.250.28;4770;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.134.250.28:4770, protocol: TCP. TCP flags: SYN
08/12/03 11:16:53 12.Aug.2003 05:16:53 GMT;66.98.128.37;1099;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 66.98.128.37:1099, protocol: TCP. TCP flags: SYN
08/12/03 11:23:30 12.Aug.2003 05:23:30 GMT;81.103.84.178;1276;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 81.103.84.178:1276, protocol: TCP. TCP flags: SYN
08/12/03 11:24:00 12.Aug.2003 05:24:00 GMT;24.161.113.192;2344;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 24.161.113.192:2344, protocol: TCP. TCP flags: SYN
08/12/03 11:24:17 12.Aug.2003 05:24:17 GMT;211.227.194.228;3777;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 211.227.194.228:3777, protocol: TCP. TCP flags: SYN
08/12/03 11:25:19 12.Aug.2003 05:25:19 GMT;213.140.96.60;2963;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.96.60:2963, protocol: TCP. TCP flags: SYN
08/12/03 11:25:22 12.Aug.2003 05:25:22 GMT;213.140.96.60;2963;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.96.60:2963, protocol: TCP. TCP flags: SYN
08/12/03 11:31:41 12.Aug.2003 05:31:41 GMT;212.23.75.190;4068;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 212.23.75.190:4068, protocol: TCP. TCP flags: SYN
08/12/03 11:32:36 12.Aug.2003 05:32:36 GMT;213.140.111.230;3798;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.111.230:3798, protocol: TCP. TCP flags: SYN
08/12/03 11:32:39 12.Aug.2003 05:32:39 GMT;213.140.111.230;3798;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.111.230:3798, protocol: TCP. TCP flags: SYN
08/12/03 11:32:39 12.Aug.2003 05:32:39 GMT;218.73.135.165;3880;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 218.73.135.165:3880, protocol: TCP. TCP flags: SYN
08/12/03 11:33:38 12.Aug.2003 05:33:38 GMT;213.138.226.90;1851;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.138.226.90:1851, protocol: TCP. TCP flags: SYN
08/12/03 11:35:09 12.Aug.2003 05:35:09 GMT;200.214.105.30;3977;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 200.214.105.30:3977, protocol: TCP. TCP flags: SYN
08/12/03 11:41:15 12.Aug.2003 05:41:15 GMT;213.140.126.104;4815;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.104:4815, protocol: TCP. TCP flags: SYN
08/12/03 11:43:37 12.Aug.2003 05:43:37 GMT;65.165.244.76;3853;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 65.165.244.76:3853, protocol: TCP. TCP flags: SYN
08/12/03 11:43:40 12.Aug.2003 05:43:40 GMT;65.165.244.76;3853;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 65.165.244.76:3853, protocol: TCP. TCP flags: SYN
08/12/03 11:43:40 12.Aug.2003 05:43:40 GMT;210.149.122.81;3873;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 210.149.122.81:3873, protocol: TCP. TCP flags: SYN
08/12/03 11:43:43 12.Aug.2003 05:43:43 GMT;210.149.122.81;3873;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 210.149.122.81:3873, protocol: TCP. TCP flags: SYN
08/12/03 11:43:43 12.Aug.2003 05:43:43 GMT;213.140.120.5;2325;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.5:2325, protocol: TCP. TCP flags: SYN
08/12/03 11:43:46 12.Aug.2003 05:43:46 GMT;65.165.244.76;3853;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 65.165.244.76:3853, protocol: TCP. TCP flags: SYN
08/12/03 11:44:11 12.Aug.2003 05:44:11 GMT;213.140.126.15;4712;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.15:4712, protocol: TCP. TCP flags: SYN
08/12/03 11:52:39 12.Aug.2003 05:52:39 GMT;213.140.120.67;4500;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.67:4500, protocol: TCP. TCP flags: SYN
08/12/03 11:52:42 12.Aug.2003 05:52:42 GMT;213.140.120.67;4500;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.67:4500, protocol: TCP. TCP flags: SYN
08/12/03 11:54:06 12.Aug.2003 05:54:06 GMT;213.140.120.83;4609;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.83:4609, protocol: TCP. TCP flags: SYN
08/12/03 11:55:56 12.Aug.2003 05:55:56 GMT;213.140.120.64;1929;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.64:1929, protocol: TCP. TCP flags: SYN
08/12/03 11:55:59 12.Aug.2003 05:55:59 GMT;213.140.120.64;1929;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.64:1929, protocol: TCP. TCP flags: SYN
08/12/03 11:56:05 12.Aug.2003 05:56:05 GMT;213.140.120.64;1929;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.64:1929, protocol: TCP. TCP flags: SYN
08/12/03 11:59:09 12.Aug.2003 05:59:09 GMT;202.119.45.169;1711;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 202.119.45.169:1711, protocol: TCP. TCP flags: SYN
08/12/03 11:59:44 12.Aug.2003 05:59:44 GMT;220.83.194.130;1076;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.83.194.130:1076, protocol: TCP. TCP flags: SYN
08/12/03 12:00:26 12.Aug.2003 06:00:26 GMT;213.139.230.86;2654;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.139.230.86:2654, protocol: TCP. TCP flags: SYN
08/12/03 12:00:43 12.Aug.2003 06:00:43 GMT;219.133.70.241;3897;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 219.133.70.241:3897, protocol: TCP. TCP flags: SYN
08/12/03 12:01:23 12.Aug.2003 06:01:23 GMT;213.140.118.110;3433;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.118.110:3433, protocol: TCP. TCP flags: SYN
08/12/03 12:01:25 12.Aug.2003 06:01:25 GMT;213.140.118.110;3433;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.118.110:3433, protocol: TCP. TCP flags: SYN
08/12/03 12:07:48 12.Aug.2003 06:07:48 GMT;213.134.172.75;4473;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.134.172.75:4473, protocol: TCP. TCP flags: SYN
08/12/03 12:09:35 12.Aug.2003 06:09:35 GMT;213.140.98.131;2861;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.98.131:2861, protocol: TCP. TCP flags: SYN
08/12/03 12:09:38 12.Aug.2003 06:09:38 GMT;213.140.98.131;2861;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.98.131:2861, protocol: TCP. TCP flags: SYN
08/12/03 12:09:44 12.Aug.2003 06:09:44 GMT;213.140.98.131;2861;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.98.131:2861, protocol: TCP. TCP flags: SYN
08/12/03 12:13:36 12.Aug.2003 06:13:36 GMT;219.108.3.178;3865;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 219.108.3.178:3865, protocol: TCP. TCP flags: SYN
08/12/03 12:16:58 12.Aug.2003 06:16:58 GMT;220.76.223.24;4177;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.76.223.24:4177, protocol: TCP. TCP flags: SYN
08/12/03 12:17:01 12.Aug.2003 06:17:01 GMT;220.76.223.24;4177;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.76.223.24:4177, protocol: TCP. TCP flags: SYN
08/12/03 12:17:07 12.Aug.2003 06:17:07 GMT;220.76.223.24;4177;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.76.223.24:4177, protocol: TCP. TCP flags: SYN
08/12/03 12:17:28 12.Aug.2003 06:17:28 GMT;198.172.93.130;2995;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 198.172.93.130:2995, protocol: TCP. TCP flags: SYN
08/12/03 12:17:31 12.Aug.2003 06:17:31 GMT;198.172.93.130;2995;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 198.172.93.130:2995, protocol: TCP. TCP flags: SYN
08/12/03 12:19:08 12.Aug.2003 06:19:08 GMT;220.85.178.94;3944;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.85.178.94:3944, protocol: TCP. TCP flags: SYN
08/12/03 12:19:10 12.Aug.2003 06:19:10 GMT;213.140.120.5;1325;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.5:1325, protocol: TCP. TCP flags: SYN
08/12/03 12:19:13 12.Aug.2003 06:19:13 GMT;213.140.120.5;1325;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.5:1325, protocol: TCP. TCP flags: SYN
08/12/03 12:19:30 12.Aug.2003 06:19:30 GMT;69.144.21.222;3864;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 69.144.21.222:3864, protocol: TCP. TCP flags: SYN
08/12/03 12:25:07 12.Aug.2003 06:25:07 GMT;213.134.96.56;1268;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.134.96.56:1268, protocol: TCP. TCP flags: SYN
08/12/03 12:25:10 12.Aug.2003 06:25:10 GMT;213.134.96.56;1268;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.134.96.56:1268, protocol: TCP. TCP flags: SYN
08/12/03 12:26:19 12.Aug.2003 06:26:19 GMT;67.40.177.19;4461;213.140.120.XXX;17300;TCP;Kuang2 the virus The Firewall has blocked a connection attempt made to 213.140.120.XXX:17300 from 67.40.177.19:4461, protocol: TCP. Known virus to attack on this port: Kuang2 the virus
08/12/03 12:26:39 12.Aug.2003 06:26:39 GMT;82.82.116.137;4907;213.140.120.XXX;21;TCP;Back Construction, Blade Runner, Doly Trojan, Fore, Invisible FTP, Juggernaut 42 , Larva, MotIv FTP, Net Administrator, Senna Spy FTP server, Traitor 21, WebEx, WinCrash The Firewall has blocked a connection attempt made to 213.140.120.XXX:21 from 82.82.116.137:4907, protocol: TCP. Known virus to attack on this port: Back Construction, Blade Runner, Doly Trojan, Fore, Invisible FTP, Juggernaut 42 , Larva, MotIv FTP, Net Administrator, Senna Spy FTP server, Traitor 21, WebEx, WinCrash
08/12/03 12:26:42 12.Aug.2003 06:26:42 GMT;82.82.116.137;4907;213.140.120.XXX;21;TCP;Back Construction, Blade Runner, Doly Trojan, Fore, Invisible FTP, Juggernaut 42 , Larva, MotIv FTP, Net Administrator, Senna Spy FTP server, Traitor 21, WebEx, WinCrash The Firewall has blocked a connection attempt made to 213.140.120.XXX:21 from 82.82.116.137:4907, protocol: TCP. Known virus to attack on this port: Back Construction, Blade Runner, Doly Trojan, Fore, Invisible FTP, Juggernaut 42 , Larva, MotIv FTP, Net Administrator, Senna Spy FTP server, Traitor 21, WebEx, WinCrash
08/12/03 12:26:48 12.Aug.2003 06:26:48 GMT;82.82.116.137;4907;213.140.120.XXX;21;TCP;Back Construction, Blade Runner, Doly Trojan, Fore, Invisible FTP, Juggernaut 42 , Larva, MotIv FTP, Net Administrator, Senna Spy FTP server, Traitor 21, WebEx, WinCrash The Firewall has blocked a connection attempt made to 213.140.120.XXX:21 from 82.82.116.137:4907, protocol: TCP. Known virus to attack on this port: Back Construction, Blade Runner, Doly Trojan, Fore, Invisible FTP, Juggernaut 42 , Larva, MotIv FTP, Net Administrator, Senna Spy FTP server, Traitor 21, WebEx, WinCrash
08/12/03 12:29:17 12.Aug.2003 06:29:17 GMT;200.43.132.87;4100;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 200.43.132.87:4100, protocol: TCP. TCP flags: SYN
08/12/03 12:32:41 12.Aug.2003 06:32:41 GMT;61.111.210.192;3899;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 61.111.210.192:3899, protocol: TCP. TCP flags: SYN
08/12/03 12:34:01 12.Aug.2003 06:34:01 GMT;213.140.120.235;1926;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.235:1926, protocol: TCP. TCP flags: SYN
08/12/03 12:34:04 12.Aug.2003 06:34:04 GMT;213.140.120.235;1926;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.235:1926, protocol: TCP. TCP flags: SYN
08/12/03 12:44:14 12.Aug.2003 06:44:14 GMT;61.249.17.102;55973;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 61.249.17.102:55973, protocol: TCP. TCP flags: SYN
08/12/03 12:44:25 12.Aug.2003 06:44:25 GMT;213.140.120.159;1159;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.159:1159, protocol: TCP. TCP flags: SYN
08/12/03 12:44:42 12.Aug.2003 06:44:42 GMT;213.140.187.162;4209;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:4209, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 12:44:45 12.Aug.2003 06:44:45 GMT;213.140.187.162;4209;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:4209, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 12:44:51 12.Aug.2003 06:44:51 GMT;213.140.187.162;4209;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:4209, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 12:50:24 12.Aug.2003 06:50:24 GMT;213.140.187.162;3465;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:3465, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 12:50:27 12.Aug.2003 06:50:27 GMT;213.140.187.162;3465;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:3465, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 12:50:33 12.Aug.2003 06:50:33 GMT;213.140.187.162;3465;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:3465, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 12:53:37 12.Aug.2003 06:53:37 GMT;61.138.247.117;3541;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 61.138.247.117:3541, protocol: TCP. TCP flags: SYN
08/12/03 12:57:21 12.Aug.2003 06:57:21 GMT;219.145.104.212;3840;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 219.145.104.212:3840, protocol: TCP. TCP flags: SYN
08/12/03 13:05:27 12.Aug.2003 07:05:27 GMT;213.140.187.162;4574;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:4574, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 13:05:29 12.Aug.2003 07:05:29 GMT;213.140.187.162;4574;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:4574, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 13:05:35 12.Aug.2003 07:05:35 GMT;213.140.187.162;4574;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:4574, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 13:13:29 12.Aug.2003 07:13:29 GMT;66.98.128.37;1816;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 66.98.128.37:1816, protocol: TCP. TCP flags: SYN
08/12/03 13:13:32 12.Aug.2003 07:13:32 GMT;213.140.126.72;3946;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.72:3946, protocol: TCP. TCP flags: SYN
08/12/03 13:13:35 12.Aug.2003 07:13:35 GMT;213.140.126.72;3946;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.72:3946, protocol: TCP. TCP flags: SYN
08/12/03 13:20:49 12.Aug.2003 07:20:49 GMT;220.186.167.6;3795;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 220.186.167.6:3795, protocol: TCP. TCP flags: SYN
08/12/03 13:21:43 12.Aug.2003 07:21:43 GMT;213.135.224.4;3465;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.135.224.4:3465, protocol: TCP. TCP flags: SYN
08/12/03 13:25:00 12.Aug.2003 07:25:00 GMT;213.140.118.28;2192;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.118.28:2192, protocol: TCP. TCP flags: SYN
08/12/03 13:26:30 12.Aug.2003 07:26:30 GMT;213.140.187.162;3221;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:3221, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 13:26:33 12.Aug.2003 07:26:33 GMT;213.140.187.162;3221;213.140.120.XXX;80;TCP;Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero The Firewall has blocked a connection attempt made to 213.140.120.XXX:80 from 213.140.187.162:3221, protocol: TCP. Known virus to attack on this port: Nimda, AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
08/12/03 13:26:54 12.Aug.2003 07:26:54 GMT;213.140.126.48;3078;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.48:3078, protocol: TCP. TCP flags: SYN
08/12/03 13:27:13 12.Aug.2003 07:27:13 GMT;213.140.102.81;2911;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.102.81:2911, protocol: TCP. TCP flags: SYN
08/12/03 13:27:16 12.Aug.2003 07:27:16 GMT;213.140.102.81;2911;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.102.81:2911, protocol: TCP. TCP flags: SYN
08/12/03 13:31:51 12.Aug.2003 07:31:51 GMT;213.140.98.26;3397;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.98.26:3397, protocol: TCP. TCP flags: SYN
08/12/03 13:32:28 12.Aug.2003 07:32:28 GMT;213.140.126.20;3219;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.126.20:3219, protocol: TCP. TCP flags: SYN
08/12/03 13:36:59 12.Aug.2003 07:36:59 GMT;217.235.18.148;2244;213.140.120.XXX;135;TCP; The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 217.235.18.148:2244, protocol: TCP. TCP flags: SYN
[Сообщение изменено пользователем 12.08.2003 13:39]
N
Nеxt
мдя :-d
C
Copper_Kettle
Че за..
добавилось еще столько же..
Первый раз такое...
добавилось еще столько же..
Первый раз такое...
C
Copper_Kettle
Вот самое важное
Date: 12.08.2003 Time: 14:37:10
Rule "Implicit block rule" blocked (212.23.89.24,tftp(69)). Details:
Outbound UDP packet
Local address,service is (0.0.0.0,2333)
Remote address,service is (212.23.89.24,tftp(69))
Process name is "C:\WINNT\System32\tftp.exe"
tftp.exe пробовал лезть куда-то наружу...
неужели я заражен?
вот нашел по теме
http://www.kaspersky.ru/news.html?id=1316699
http://www.viruslist.com/viruslist.html?id=2709083...
и на ur.ru красными буквами объявление про
это же самое. Хотя комп не перезагружался.
При мне, во всяком случае.
http://www.ur.ru/
Date: 12.08.2003 Time: 14:37:10
Rule "Implicit block rule" blocked (212.23.89.24,tftp(69)). Details:
Outbound UDP packet
Local address,service is (0.0.0.0,2333)
Remote address,service is (212.23.89.24,tftp(69))
Process name is "C:\WINNT\System32\tftp.exe"
tftp.exe пробовал лезть куда-то наружу...
неужели я заражен?
вот нашел по теме
http://www.kaspersky.ru/news.html?id=1316699
http://www.viruslist.com/viruslist.html?id=2709083...
и на ur.ru красными буквами объявление про
это же самое. Хотя комп не перезагружался.
При мне, во всяком случае.
http://www.ur.ru/
C
Copper_Kettle
Worm.Win32.Autorooter
Является набором Win32 EXE-файлов (компонент). По своей функциональности схож с сетевым Win32-червем: распространяется по локальным или глобальным сетям, однако в данной версии червя эта функция полностью не реализована.
Имя червя взято из текстовых строк, имеющихся в основном компоненте:
rpc autorooter by ERIC
RPC autorooter
Червь использует уязвимость в службе Microsoft Windows DCOM RPC. Ее описание приведено в Microsoft Security Bulletin MS03-026.
Основной файл червя
Является самораспаковывающимся ZIP-архивом (т.е. приложением Win32, которое содержит в себе ZIP-архив и которое извлекает файлы из этого архива при запуске). Размер файла - около 114KB.
Содержит в себе 3 файла:
rpc.exe - 41KB, главный компонент (загрузчик), детектируется как "Worm.Win32.Autorooter";
tftpd.exe - 144KB, легальный FTP сервер;
rpctest.ex - 95KB, вспомогательный компонент, детектируется как "Exploit.Win32.DCom".
При запуске SFX-архива он создаёт перечисленные выше файлы и устанавливает их в корневой каталог локального диска C:, после чего запускает файл "rpc.exe", являющийся основной компонентом червя.
Основной компонент "rpc.exe"
Запускает файл "tftpd.exe" (FTP-сервер) и пытается загрузить файл "lolx.exe" с удаленного компьютера. Файл "lolx.exe" является троянской программой и детектируется как "Backdoor.SdBot.gen".
Червь ишет удаленные машины и пытается установить с ними соединения по 445 порту. IP-адрес (a.b.c.d) для сканирования выбирается произвольно по следующему алгоритму:
Значение 'a' выбирается из следующего списка (все значения используются червем последовательно):
24, 12, 211, 217, 218, 220, 4, 68, 165, 65, 213, 64, 208, 128
Значение 'b' является случайным числом от 0 до 255.
'c' и 'd' выбираются последовательно из всех возможных значений (от 1 до 255).
Например, если первое число равно 68, а второе 120, то червь будет искать все компьютеры в диапазоне адресов 68.120.0.1 - 68.120.255.255.
Червь ищет удаленные машины из этого диапазона и устанавливает соединение с найденными, после чего передает найденные адреса во вспомогательный компонент. Для использования уязвимости червь запускает "rpctest.exe". Этот файл отсылает код, вызывающий переполнение буфера (buffer overrun), который загружает командную оболочку "cmd.exe" на порту 57005 уязвимой машины.
Компонент "rpctest.exe"
Реализация эксплоита. Содержит в себе текстовую строку:
USE THE FORZ LUKE!
Компонент "tftd.exe"
Это легальный HaneWin TFTP server. Он устанавливается на 69 порт зараженного компьютера и загружает backdoor-компоненты.
Заключение
Несмотря на то, что данный набор файлов не имеет функции саморазмножения, мы считаем его функциональность гораздо более близкой к классу червей, чем к backdoor или hacktool. Можно предположить, что данный образец является всего лишь тестовым вариантом червя. Имеющихся в нем функций уже сейчас вполне достаточно для саморазмножения. Также можно предположить, что автор червя ставил основной целью создание распределенной сети взломанных машин, через которую в дальнейшем злоумышленники могут осуществлять любые вирусные или хакерские атаки. Мы рекомендуем всем пользователям установить патч от Microsoft (доступен по вышеприведенной ссылке). А также, заблокировать TCP порты 135, 139 и 445 на ваших брандмауэрах.
Является набором Win32 EXE-файлов (компонент). По своей функциональности схож с сетевым Win32-червем: распространяется по локальным или глобальным сетям, однако в данной версии червя эта функция полностью не реализована.
Имя червя взято из текстовых строк, имеющихся в основном компоненте:
rpc autorooter by ERIC
RPC autorooter
Червь использует уязвимость в службе Microsoft Windows DCOM RPC. Ее описание приведено в Microsoft Security Bulletin MS03-026.
Основной файл червя
Является самораспаковывающимся ZIP-архивом (т.е. приложением Win32, которое содержит в себе ZIP-архив и которое извлекает файлы из этого архива при запуске). Размер файла - около 114KB.
Содержит в себе 3 файла:
rpc.exe - 41KB, главный компонент (загрузчик), детектируется как "Worm.Win32.Autorooter";
tftpd.exe - 144KB, легальный FTP сервер;
rpctest.ex - 95KB, вспомогательный компонент, детектируется как "Exploit.Win32.DCom".
При запуске SFX-архива он создаёт перечисленные выше файлы и устанавливает их в корневой каталог локального диска C:, после чего запускает файл "rpc.exe", являющийся основной компонентом червя.
Основной компонент "rpc.exe"
Запускает файл "tftpd.exe" (FTP-сервер) и пытается загрузить файл "lolx.exe" с удаленного компьютера. Файл "lolx.exe" является троянской программой и детектируется как "Backdoor.SdBot.gen".
Червь ишет удаленные машины и пытается установить с ними соединения по 445 порту. IP-адрес (a.b.c.d) для сканирования выбирается произвольно по следующему алгоритму:
Значение 'a' выбирается из следующего списка (все значения используются червем последовательно):
24, 12, 211, 217, 218, 220, 4, 68, 165, 65, 213, 64, 208, 128
Значение 'b' является случайным числом от 0 до 255.
'c' и 'd' выбираются последовательно из всех возможных значений (от 1 до 255).
Например, если первое число равно 68, а второе 120, то червь будет искать все компьютеры в диапазоне адресов 68.120.0.1 - 68.120.255.255.
Червь ищет удаленные машины из этого диапазона и устанавливает соединение с найденными, после чего передает найденные адреса во вспомогательный компонент. Для использования уязвимости червь запускает "rpctest.exe". Этот файл отсылает код, вызывающий переполнение буфера (buffer overrun), который загружает командную оболочку "cmd.exe" на порту 57005 уязвимой машины.
Компонент "rpctest.exe"
Реализация эксплоита. Содержит в себе текстовую строку:
USE THE FORZ LUKE!
Компонент "tftd.exe"
Это легальный HaneWin TFTP server. Он устанавливается на 69 порт зараженного компьютера и загружает backdoor-компоненты.
Заключение
Несмотря на то, что данный набор файлов не имеет функции саморазмножения, мы считаем его функциональность гораздо более близкой к классу червей, чем к backdoor или hacktool. Можно предположить, что данный образец является всего лишь тестовым вариантом червя. Имеющихся в нем функций уже сейчас вполне достаточно для саморазмножения. Также можно предположить, что автор червя ставил основной целью создание распределенной сети взломанных машин, через которую в дальнейшем злоумышленники могут осуществлять любые вирусные или хакерские атаки. Мы рекомендуем всем пользователям установить патч от Microsoft (доступен по вышеприведенной ссылке). А также, заблокировать TCP порты 135, 139 и 445 на ваших брандмауэрах.
X
X3PM4H
даже если вы не стадаете паранойей, это не значит, что за вами не следят
C
Copper_Kettle
ха. ха.
:-)
:-)
C
Copper_Kettle
Вот еще страдающие паранойей:
http://www.kaspersky.ru/news.html?id=1316699
---->>>>>
Под ударом новая брешь в операционной системе Windows
"Лаборатория Касперского", ведущий российский разработчик систем защиты от вирусов, хакерских атак и спама, сообщает об обнаружении нового сетевого червя "Autorooter" и регистрации его массовой рассылки с помощью спам-технологий по электронной почте.
К счастью, функция автоматического размножения червя полностью не реализована, что исключает возможность его широкого распространения. Вместе с тем, "Autorooter" атакует брешь в операционной системе Windows версий NT/2000/XP, обнаруженную всего лишь 2 недели назад. "Лаборатория Касперского" не исключает возможности исправления недостатков этой версии червя и обращает внимание пользователей на необходимость немедленной установки соответствующего обновления для Windows.
"Autorooter" представляет собой гибрид сетевого червя и "троянца" для несанкционированного управления компьютером (backdoor). Вредоносная программа состоит из трех компонент: носителя червя, модуля для обмена файлами по FTP протоколу (FTP-сервер) и модуля атаки через брешь Windows.
Первым в бой вступает модуль атаки через брешь Windows: он вызывает переполнение буфера операционной системы и загружает на компьютер жертвы остальные компоненты. Данная брешь была обнаружена около месяца назад и компания Microsoft уже выпустила соответствующее обновление.
После этого запускается файл-носитель червя, который инициирует процедуры распространения и загрузки дополнительных модулей. Как указывалось выше функция рассылки "Autorooter" полностью не реализована, поэтому у червя фактически отсутствует возможность распространения по интернету. Вместе с тем, с помощью встроенного FTP-сервера "Autorooter" успешно загружает с удаленного сервера и устанавливает троянскую программу "IRCbot", которая позволяет злоумышленникам незаметно управлять зараженным компьютером.
"Мы предполагаем, что данный образец является всего лишь тестовым вариантом червя. В будущем весьма возможно появление более жизнеспособных версий, которые смогут причинить интернету огромный вред, - комментирует Евгений Касперский, руководитель антивирусных исследований "Лаборатории Касперского", - Не исключено, что целью автора "Autorooter" является создание распределенной сети взломанных машин для проведения крупномасштабных вирусных или хакерских атак".
Процедуры защиты от "Autorooter" уже добавлены в базу данных Антивируса Касперского®.
Для защиты от червя "Лаборатория Касперского" также рекомендует немедленно установить указанное выше обновление и заблокировать на межсетевых экранах TCP порты 135, 139 и 445.
http://www.kaspersky.ru/news.html?id=1316699
---->>>>>
Под ударом новая брешь в операционной системе Windows
"Лаборатория Касперского", ведущий российский разработчик систем защиты от вирусов, хакерских атак и спама, сообщает об обнаружении нового сетевого червя "Autorooter" и регистрации его массовой рассылки с помощью спам-технологий по электронной почте.
К счастью, функция автоматического размножения червя полностью не реализована, что исключает возможность его широкого распространения. Вместе с тем, "Autorooter" атакует брешь в операционной системе Windows версий NT/2000/XP, обнаруженную всего лишь 2 недели назад. "Лаборатория Касперского" не исключает возможности исправления недостатков этой версии червя и обращает внимание пользователей на необходимость немедленной установки соответствующего обновления для Windows.
"Autorooter" представляет собой гибрид сетевого червя и "троянца" для несанкционированного управления компьютером (backdoor). Вредоносная программа состоит из трех компонент: носителя червя, модуля для обмена файлами по FTP протоколу (FTP-сервер) и модуля атаки через брешь Windows.
Первым в бой вступает модуль атаки через брешь Windows: он вызывает переполнение буфера операционной системы и загружает на компьютер жертвы остальные компоненты. Данная брешь была обнаружена около месяца назад и компания Microsoft уже выпустила соответствующее обновление.
После этого запускается файл-носитель червя, который инициирует процедуры распространения и загрузки дополнительных модулей. Как указывалось выше функция рассылки "Autorooter" полностью не реализована, поэтому у червя фактически отсутствует возможность распространения по интернету. Вместе с тем, с помощью встроенного FTP-сервера "Autorooter" успешно загружает с удаленного сервера и устанавливает троянскую программу "IRCbot", которая позволяет злоумышленникам незаметно управлять зараженным компьютером.
"Мы предполагаем, что данный образец является всего лишь тестовым вариантом червя. В будущем весьма возможно появление более жизнеспособных версий, которые смогут причинить интернету огромный вред, - комментирует Евгений Касперский, руководитель антивирусных исследований "Лаборатории Касперского", - Не исключено, что целью автора "Autorooter" является создание распределенной сети взломанных машин для проведения крупномасштабных вирусных или хакерских атак".
Процедуры защиты от "Autorooter" уже добавлены в базу данных Антивируса Касперского®.
Для защиты от червя "Лаборатория Касперского" также рекомендует немедленно установить указанное выше обновление и заблокировать на межсетевых экранах TCP порты 135, 139 и 445.
C
Copper_Kettle
Снаряды рвались близко...
от родного сегмента.
The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.5:4465, protocol: TCP. TCP flags: SYN
что за SYN ?
может быть что-то вполне безобидное?
от родного сегмента.
The Firewall has blocked a connection attempt made to 213.140.120.XXX:135 from 213.140.120.5:4465, protocol: TCP. TCP flags: SYN
что за SYN ?
может быть что-то вполне безобидное?
a
ao
1) слушай, у тебя упало чтото от этого ? нет ? ну так что засирать форум логами ? Если каждый будет сливать в форум логи файрволов или еще чего, то прикинь чего будет ?
2) SYN - это флаг такой.
2) SYN - это флаг такой.
C
Copper_Kettle
засирать.. сливать...
вы наверное слесарь?
я рад, что вас начали интересовать интернет-форумы,
но держите профессиональную лексику при себе.
:-d
[Сообщение изменено пользователем 12.08.2003 18:40]
вы наверное слесарь?
я рад, что вас начали интересовать интернет-форумы,
но держите профессиональную лексику при себе.
:-d
[Сообщение изменено пользователем 12.08.2003 18:40]
a
ao
я не слессарь, я слессарь-сборщик. :-)
А то, что тебя какие-то пионеры левыми пакетами закидали, так это еще не повод для бурной и активной радости. хакеры, хакеры.. апач поставь, будешь из его логов дерьмо ведрами выносить.
А то, что тебя какие-то пионеры левыми пакетами закидали, так это еще не повод для бурной и активной радости. хакеры, хакеры.. апач поставь, будешь из его логов дерьмо ведрами выносить.
W
Who?
^rnd^ :-)
respect :-)
неужели дописал таки :-)?
respect :-)
неужели дописал таки :-)?
s
sava2002cool
по-моему тема про самолёт на беговой дорожке интереснее....
W
Who?
хе
:-d
:-d
Авторизуйтесь, чтобы принять участие в дискуссии.