My router lights looked like a science fiction computer just before I left
for work yesterday afternoon, but a quick check of the logs didn't turn up
anything scary. I bounced every one of the servers I am running and nothing
changed so I went off to work. When I got home a half hour ago, the same
situation was still occuring.
This time I saw the ip address 209.61.157.231 coming in on port 3132 / 3133
and being responded to via http off my wifes Win 98 machine (running Zone
Alarm). So I checked that address out with nmap and almost instantly the wild
lights on the router immediately went silent. Whois says the IP address is
owned by a bloke in Sault Ste. Marie, ON.
To the best of my knowledge, my wifes machine does not have any form of HTTP
installed.
Any thoughts on this would be welcomed.
Bill
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:19:06 EDT