Pretty unremarkable, really. W4r3z k1ddi3s...
syslog/logcheck:
Feb 28 13:47:53 - snort [1:0:0] TCP to 21 ftp
Source IP: 137.250.65.90 Source port: 3907
Source host: pc-65-090.Phil.Uni-Augsburg.DE
Target IP: 12.82.128.22 Target port: 21 Proto: TCP
Target host: 22.seattle-01-02rs.wa.dial-access.att.net
snort packet log:
02/28-13:47:53.036942 137.250.65.90:3907 -> 12.82.128.22:21
TCP TTL:108 TOS:0x0 ID:42670 IpLen:20 DgmLen:44 DF
******S* Seq: 0x42CB94F0 Ack: 0x0 Win: 0x2000 TcpLen: 24
TCP Options (1) => MSS: 1460
ipchains:
Feb 28 13:47:53 greatwall kernel: Packet log: input DENY ppp0 PROTO=6
137.250.65.90:3907 12.82.128.22:21
L=44 S=0x00 I=42670 F=0x4000 T=108 SYN (#64)
BW whois 2.9 by Bill Weinman (http://whois.bw.org/)
© 1999-2001 William E. Weinman
University of Augsburg (NET-AUX)
D-8900 Augsburg
DE
Netname: AUX
Netblock: 137.250.0.0 - 137.250.255.255 Coordinator:
Stindl, Siegfried (SS297-ARIN) stindl@UNI-AUGSBURG.DE
+49 821 598 2006
Domain System inverse mapping provided by:
BBIWY.CC.UNI-AUGSBURG.DE137.250.1.254
RZSUN2.RZ.UNI-AUGSBURG.DE137.250.111.4
DENEB.DFN.DE192.76.176.9