This mornings activity log shows this:
. . .
From 23.102.132.99 - 2 packets to tcp(3389)
From 23.102.133.164 - 1 packet to tcp(3389)
From 23.102.134.239 - 2 packets to tcp(3389)
From 23.102.136.210 - 3 packets to tcp(3389)
From 23.102.136.222 - 2 packets to tcp(3389)
From 23.102.137.62 - 3 packets to tcp(3389)
From 23.102.137.101 - 2 packets to tcp(3389)
From 23.102.138.184 - 1 packet to tcp(3389)
From 23.102.138.216 - 1 packet to tcp(3389)
From 23.102.139.11 - 2 packets to tcp(3389)
From 23.102.139.27 - 5 packets to tcp(3389)
From 23.102.140.90 - 2 packets to tcp(3389)
From 23.102.140.158 - 3 packets to tcp(3389)
From 23.102.161.114 - 1 packet to tcp(3389)
From 23.102.170.1 - 2 packets to tcp(3389)
From 23.102.170.48 - 4 packets to tcp(3389)
From 23.102.171.49 - 2 packets to tcp(3389)
From 23.102.172.233 - 2 packets to tcp(3389)
From 23.102.173.124 - 2 packets to tcp(3389)
. . .
These are either mostly or entirely MicroSoft.com addresses. Any ideas as to
what legitimate use this probing might have? I know that 3389 is MS-RDP. My
question is why would a 'reputable' firm be scanning my systems for open
connections on that port?
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB@xxxxxxxxxxxxx
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
