Short summary of some of the attacks against us for Oct. 2001

year - time EASTERN source_ip[:port] (dns name, if any) attack/scan/notes
2001/10/01-05:54:06.43 64.83.54.207 (64.83.54.208.dsl207-static-orf.cavtel.net) try to conn to 132.235.2.111:6346 for 24 hours
2001/10/01-06:56:47.67 65.33.8.197 (ubr-33.8.197.curryford.cfl.rr.com) scan several machines for port 21
2001/10/01-16:00:59.34 195.159.0.152 (login2.powertech.no) conn to ports 1080,23 on a local pc. (1.156)
2001/10/01-16:44:18.21 64.81.152.89 (dsl081-152-089.chi1.dsl.speakeasy.net) portscan 132.235.3.0
2001/10/01-19:53:57.73 65.12.184.120 (c1582262-a.potlnd1.or.home.com) scan 132.235.3.217 for port 6346
2001/10/02-09:24:36.97 202.128.131.172 (Hong Kong Telecom International Limited,HK) scannet for port 111, rstatd attack
2001/10/02-11:29:28.73 217.125.135.212 (Telefonica Data Espana,ES) scan net for port 21
2001/10/03-06:47:54.97 141.211.178.114 (University of Michigan,US) scan net for port 1419 and 4078
2001/10/03-12:09:56.57 193.133.125.204 (Greens Superstores Ltd,GB) scan net for port 111
2001/10/03-13:10:44.12 61.134.49.4 (CHINANET Shanxi(SN) province network,CN) scannet for port 111
2001/10/03-18:06:46.95 203.79.137.22 (dial276-wk.hitron.net) scan net for ports 8080,8000,3128
2001/10/03-22:41:33.65 209.235.23.213 (213-209.235.23.dellhost.com) scan net for port 21
2001/10/04-10:06:36.02 24.143.11.94 (csco-1194.communicomm.com) bang on ports 27374 12345 139 on 132.235.1.45
2001/10/04-11:38:17.06 65.160.250.1 (ns1.zoidial.com) scan 1 high number port per machine, several random machines
2001/10/04-20:10:51.81 202.102.193.252 (hefei lan and dial ip pool,CN) scan net for port 515
2001/10/04-20:18:02.68 202.102.193.252 (hefei lan and dial ip pool,CN) connect to port 23 on selected ips.
2001/10/04-20:20:15.01 211.21.88.58 (CHTD, Chunghwa Telecom Co.,Ltd.,TW) scan several ips for port 23
2001/10/04-22:08:57.00 61.177.255.187 (CHINANET Jiangsu province network,CN) bang on port 80 on 132.235.1.35
2001/10/04-23:22:29.09 217.0.59.217 (pD9003BD9.dip.t-dialin.net) scan net for port 21, anon ftp attacks
2001/10/05-03:19:00.42 61.177.255.119 (CHINANET Jiangsu province network,CN) bang on port 21 on 132.235.1.35
2001/10/05-04:09:12.95 203.246.196.150 (Unitel,SEOUL,KR) 1. start of DNS attacks - attempt to update server - from ip block.
2001/10/05-04:09:12.95 203.246.196.150 (Unitel,SEOUL,KR) 2. 675 attacks today from 203.246.196.xxx
2001/10/05-05:05:56.72 212.238.194.250 (Demon NL DSL customers connecting via BaByXL Rotterdam) scan net for port 21
2001/10/05-06:01:58.79 203.246.196.30 (Unitel,SEOUL,KR) 1. start of DNS attacks for today. - attempt to update server -
2001/10/05-06:01:58.79 203.246.196.30 (Unitel,SEOUL,KR) 2. from ip block 203.246.196.xxx - 675 attacks in 24hrs.
2001/10/05-06:48:17.64 212.238.194.250 (Demon NL DSL customers connecting via BaByXL Rotterdam,NL) scan 132.235.201.x for port 21
2001/10/05-11:00:58.38 64.0.131.114 (w114.z064000131.lax-ca.dsl.cnc.net) scannet for port 53
2001/10/05-15:37:23.27 63.230.8.137 (U S WEST Communications Svcs,,MN,US) scannet for port 53
2001/10/05-19:59:55.34 24.17.176.44 (c1499561-a.lewisv1.tx.home.com) scan net 132.235.201 for port 111
2001/10/05-20:08:12.88 66.79.135.68 (iVMG, Inc,US) bang on 132.235.1.1 on 31352-3136a
2001/10/05-20:16:25.47 66.79.135.8 (iVMG, Inc,US) bang on 132.235.1.1 on ports 31353-31366
2001/10/05-20:16:35.38 66.79.135.68 (iVMG, Inc,US) bang on 132.235.1.1 on 31352-31367
2001/10/05-20:17:35.39 66.79.135.68 (iVMG, Inc,US) bang on 132.235.1.1 on 31356-31355
2001/10/05-20:26:50.57 24.17.176.44 (c1499561-a.lewisv1.tx.home.com) start of buff overflow attacks
2001/10/05-20:47:48.07 66.79.135.10 (iVMG, Inc,US) bang on 132.235.1.1 on 31349-31367
2001/10/05-20:47:58.02 66.79.135.68 (iVMG, Inc,US) bang on 132.235.1.1 on 31356-31355
2001/10/05-20:48:58.02 66.79.135.68 (iVMG, Inc,US) bang on 132.235.1.1 on 31356-31355
2001/10/06-04:45:18.59 210.116.141.160 (Korea Network Information Center) scannet for port 111
2001/10/06-05:59:02.77 203.246.196.58 (Unitel,SEOUL,KR) 1. start of DNS attacks for today. - attempt to update server -
2001/10/06-05:59:02.77 203.246.196.58 (Unitel,SEOUL,KR) 2. from ip block 203.246.196.xxx - 650 attacks in 24hrs
2001/10/06-06:28:08.55 210.116.141.160 (iCommerce Korea,SEOUL,KR) 1. scannet for port 111, buff overflow attacks.
2001/10/06-06:28:08.55 210.116.141.160 (iCommerce Korea,SEOUL,KR) 2. thru at least 2001/10/06-08:11:55.70
2001/10/06-20:03:37.29 63.230.8.137 (U S WEST Communications Svcs,,MN,US) scannet for port 53
2001/10/07-02:41:46.54 151.4.135.187 (INFOSTRADA,ITALY) scannet for port 515,23
2001/10/07-02:45:45.42 212.10.34.197 (Telefonica Data Espana,ES) scannet for port 111
2001/10/07-06:00:47.37 203.246.196.93 (Unitel,SEOUL,KR) 1. start of DNS attacks for today. - attempt to update server -
2001/10/07-06:00:47.37 203.246.196.93 (Unitel,SEOUL,KR) 2. from ip block 203.246.196.xxx - 621 attacks in 24hrs
2001/10/07-19:53:13.63 212.211.91.4 (fra-tgn-oyl-vty4.as.wcom.net) scan net for port 111 + buff overflow attacks
2001/10/08-02:10:57.05 61.177.254.46 (CHINANET Jiangsu province network,CN) bang on 132.235.1.35:80 again
2001/10/08-05:07:55.60 203.246.196.xx (Unitel,SEOUL,KR) 1. start of DNS attacks for today. - attempt to update server -
2001/10/08-05:07:55.60 203.246.196.xx (Unitel,SEOUL,KR) 2. 723 attacks in 24hrs
2001/10/08-05:07:55.60 217.136.38.227 (adsl-42723.turboline.skynet.be) scan net for port 21
2001/10/08-11:18:25.22 62.243.189.218 (ip464.abnxx1.adsl-dhcp.tele.dk) scannet for port 21
2001/10/09-12:08:56.51 132.235.197.17 (mbykova.cns.ohiou.edu) portscan 132.235.3.154
2001/10/09-15:00:54.82 203.246.196.xx (Unitel,SEOUL,KR) 1. start of DNS attacks for today. - attempt to update server
2001/10/09-15:32:25.97 212.10.34.197 (pc103197.stofanet.dk) scannet for port 111 + statd buff overflow attacks
2001/10/09-17:54:43.62 12.4.58.226 (blackhole.vip.att.net) traceroute? 132.235.1.230
2001/10/10-03:01:23.00 203.246.196.xx (Unitel,SEOUL,KR) 1. start of DNS attacks for today. - attempt to update domain data on server
2001/10/10-07:16:36.73 212.10.34.197 (pc103197.stofanet.dk) scannet for port 111, statd buff overflow attacks
2001/10/10-20:07:29.65 217.125.135.212 (217-125-135-212.uc.nombres.ttd.es) scan net for port 21 (and 1212,5120?)
2001/10/10-21:26:12.87 24.31.178.58 (dhcp31178058.columbus.rr.com) scannet for port 22
2001/10/10-21:26:45.37 24.31.178.58 (dhcp31178058.columbus.rr.com) portscan 132.235.17.17
2001/10/10-22:08:50.00 205.205.113.27 (Fjord.Net,CA) icmp scan of net, then scan net for port 21
2001/10/11-00:29:08.93 172.143.29.79 (AC8F1D4F.ipt.aol.com) scan network, 1 high number port per ip, several ips/hr
2001/10/11-04:33:01.64 61.147.41.108 (CHINANET Jiangsu province network,CN) try to use 132.235.1.70 as dns server???
2001/10/11-22:04:01.18 132.235.164.101 (e4101.east-green.ohiou.edu) scan net for port 139
2001/10/11-22:57:28.26 61.177.255.131 (CHINANET Jiangsu province network,CN) bang on 132.235.1.35:80 again
2001/10/12-00:33:01.15 213.97.114.154 (Telefonica Data Espana,ES) 1. break in to 132.235.18.27. start bnc (irc relay).
2001/10/12-00:33:01.15 213.97.114.154 (Telefonica Data Espana,ES) 2. download w/tftp serv-u.exe mola.exe pskill.exe tlist.exe
2001/10/12-00:33:01.15 213.97.114.154 (Telefonica Data Espana,ES) 3. from 213.97.114.154.
2001/10/12-04:26:45.58 207.49.130.234 (Randall Randall,FL,US) scannet for port 22
2001/10/12-13:13:35.75 166.93.56.153 (Spectrum Online Systems Inc,CO,US) scan net for 1 high num port per ip.
2001/10/12-21:03:31.26 211.57.95.50 (Korea Network Information Center,KR) scannet for port 111
2001/10/12-22:46:43.13 211.57.95.50 (Korea Network Information Center,KR) start of buff overflow attacks, starting with 132.235.1.35
2001/10/13-18:49:08.94 211.237.90.114 (Korea Network Information Center,KR) scannet for port 23
2001/10/14-05:54:48.44 216.167.37.188 (Verio, Inc.,CA,US) scan net for port 21
2001/10/14-07:45:06.21 202.159.94.46 (WWW-INDONET-ID, ID) scannet for port 80, probe web servers found
2001/10/14-22:06:09.92 210.205.76.116 (Korea crap) scan net for port 111
2001/10/15-07:55:26.76 213.93.208.217 (e208217.upc-e.chello.nl) scannet for port 1214
2001/10/15-22:04:21.28 130.208.67.206 (www.norvol.hi.is) scannet for port 515
2001/10/15-22:09:02.42 130.208.67.206 (www.norvol.hi.is) start of buff overflow attacks.
2001/10/16-00:40:01.85 132.235.164.69 (e4069.east-green.ohiou.edu) scan net for port 21
2001/10/16-01:58:53.28 211.12.203.15 (www.pavc.ne.jp) scannet for port 110
2001/10/16-06:26:29.12 213.93.208.217 (e208217.upc-e.chello.nl) scannet for port 1214
2001/10/16-06:33:45.47 200.23.210.200 (www.hotelclubdelsol.com) scannet for port 80
2001/10/16-10:29:13.54 140.109.139.11 (Ministry of Education Computer Center,TAIPI,TW) scannet for port 23
2001/10/16-15:41:49.31 61.33.19.1 (DACOM Corp., SEOUL,KR) scan net for port 111, + buff overflow attacks
2001/10/17-06:10:04.33 200.23.210.200 (www.hotelclubdelsol.com) scan net for port 80
2001/10/17-06:17:53.55 213.93.208.217 (e208217.upc-e.chello.nl) scannet for port 1214
2001/10/17-06:19:03.39 202.106.86.172 (Beijing Telecommunications Administration,CN) scan net for port 80
2001/10/17-06:22:18.42 202.106.86.179 (Beijing Telecommunications Administration,CN) scan net for port 80
2001/10/17-07:40:35.08 132.235.94.25 (?.ohiou.edu) scannet for port 139
2001/10/17-11:21:08.40 202.159.94.46 (IndoInternet, P.T.,JAKARTA,ID) scan net for port 80
2001/10/17-13:39:40.37 217.0.37.179 (pD90025B3.dip.t-dialin.net) icmp ping scan of net
2001/10/17-13:39:45.44 217.0.37.179 (pD90025B3.dip.t-dialin.net) scannet for port 80
2001/10/17-16:46:49.95 132.235.8.51 (ginkgo.cats.ohiou.edu) scan net for port 23, 515
2001/10/17-17:22:03.11 132.235.8.52 (ginkgo1a.cats.ohiou.edu) scannet for ports 161
2001/10/17-22:22:03.92 217.128.59.194 (AStrasbourg-203-1-1-194.abo.wanadoo.fr) scan net for port 21
2001/10/17-22:22:10.67 217.128.59.194 (AStrasbourg-203-1-1-194.abo.wanadoo.fr) scan net for port 21, anon ftp attacks.
2001/10/18-02:07:27.84 211.220.193.241 (Korea crap) scannet for port 515
2001/10/18-02:09:27.71 211.220.193.241 (Korea crap) scannet for port 23
2001/10/18-06:56:41.89 208.178.138.19 (4fanatics.com) scannet for port 23
2001/10/18-07:27:55.52 207.99.78.47 (servenet14.servenet.net) scannet for port 23
2001/10/18-09:11:30.14 213.93.208.217 (e208217.upc-e.chello.nl) scannet for port 1214
2001/10/18-10:32:09.58 146.133.224.2 (ENEL S.p.A., IT) scan net for port 1214
2001/10/18-10:35:24.41 202.98.49.19 (CHINANET Chongqing province network) scannet for port 400[0123]
2001/10/19-06:36:00.80 213.93.208.217 (e208217.upc-e.chello.nl) scannet for port 1214
2001/10/19-09:41:07.20 132.235.8.52 (ginkgo1a.cats.ohiou.edu) scan 132.235.1.188 for port 21,161,9100,280,631,80,9099
2001/10/19-09:41:14.03 132.235.8.51 (ginkgo.cats.ohiou.edu) scan 132.235.1.188 for port 23,515
2001/10/19-09:50:25.86 199.218.1.66 (netmon5.ohiou.athens.oh.us) scan 132.235.1.188 for port 21,161,9100,280,631,80,9099
2001/10/19-16:06:08.72 211.248.200.194 (,KR) scannet for port 53
2001/10/19-18:11:05.12 193.252.202.227 (AAubervilliers-101-1-3-227.abo.wanadoo.fr) scannet for port 21 + anon ftp attacks
2001/10/19-18:56:29.39 66.56.59.206 (rr-56-59-206.atl.mediaone.net) scan 132.235.1.1 for mountd daemon.
2001/10/19-21:20:00.48 212.68.217.229 (212.68.217.229.brutele.be) scannet for port 21 + anon ftp attacks
2001/10/19-21:43:03.25 24.251.3.201 (c1568733-b.arvada1.co.home.com) scannet for port 53, send version.bind msg.
2001/10/20-05:28:15.51 217.128.59.194 (AStrasbourg-203-1-1-194.abo.wanadoo.fr) scannet for port 21 + anon ftp attacks
2001/10/20-06:09:26.06 202.159.94.46 (IndoInternet, P.T.,JAKARTA,ID) scannet for port 80
2001/10/20-06:31:43.62 213.93.208.217 (e208217.upc-e.chello.nl) scannet for port 1214
2001/10/20-10:24:47.70 150.65.165.66 (tqzhang.jaist.ac.jp) scan net for ports 8080,8000,80
2001/10/20-15:37:33.60 193.252.28.55 (ABesancon-101-1-1-55.abo.wanadoo.fr) scannet for port 80
2001/10/20-16:28:56.07 211.95.72.20 (Shanghai IDC,Shanghai City,CN) scannet for port 21
2001/10/21-00:45:44.76 148.245.54.34 (mail.arinso.com.mx) scannet for port 53
2001/10/21-08:28:35.56 165.247.105.29 (user-uiveq8t.dsl.mindspring.com) scannet for port 80
2001/10/21-09:08:34.39 212.100.180.102 (212-100-180-102.adsl.easynet.be) scannet for port 21
2001/10/21-09:21:52.37 80.65.224.157 (oc12.wanadaube.c0c0.org) scannet for port 21 + anon ftp attacks
2001/10/21-18:03:18.06 63.242.171.210 (dca-29-d-210.dca.dsl.cerfnet.com) scannet for port 515
2001/10/22-00:54:52.59 207.90.125.217 (d214.as0.wlmg.oh.voyager.net) 1. probe portmap, rusers, mountd on ace and boss.
2001/10/22-00:54:52.59 207.90.125.217 (d214.as0.wlmg.oh.voyager.net) 2. use finger to probe names test account default guest kerri adam
2001/10/22-00:54:52.59 207.90.125.217 (d214.as0.wlmg.oh.voyager.net) 3. use anon ftp to get ftp passwd file
2001/10/22-03:01:38.00 203.246.196.* (UNITEL,SEOUL,KR) tried to update domain on our dns all day long
2001/10/22-04:56:47.03 61.147.41.205 (CHINANET Jiangsu province network,CN) use 132.235.1.70 as DNS for ads.shgm.com.vg.
2001/10/22-12:02:10.97 64.220.83.195 (w195.z064220083.cmh-oh.dsl.cnc.net & mail.Genelinx.com) probe dns's for port 26 all day long.
2001/10/22-13:23:59.60 132.235.104.134 (dhcp-104-134.cns.ohiou.edu) probe ports 524,137 on pc at .1.156
2001/10/23-03:01:38.00 203.246.196.* (UNITEL,SEOUL,KR) tried to update domain on our dns all day long
2001/10/23-03:22:26.48 132.235.104.134 (dhcp-104-134.cns.ohiou.edu) probe ports 13[79] on pc at .4.61
2001/10/23-06:23:13.45 64.220.83.195 (w195.z064220083.cmh-oh.dsl.cnc.net & mail.Genelinx.com) probe dns's for port 26 all day long.
2001/10/23-09:26:08.04 217.226.127.18 (pD9E27F12.dip.t-dialin.net) scannet for port 21
2001/10/23-11:17:11.90 211.95.72.20 (Shanghai IDC,Shanghai city, CN) scan net for port 22
2001/10/23-13:18:50.95 132.235.104.134 (dhcp-104-134.cns.ohiou.edu) scannet for port 524,137,139
2001/10/24-02:11:21.69 61.147.41.24 (CHINANET Jiangsu province network,CN) use 132.235.1.70 as DNS - still
2001/10/24-02:13:36.62 132.235.104.134 (dhcp-104-134.cns.ohiou.edu) scannet for port 524
2001/10/24-03:01:38.00 203.246.196.* (UNITEL,SEOUL,KR) tried to update domain on our dns all day long
2001/10/24-05:13:54.64 61.147.41.9 (CHINANET Jiangsu province network,CN) use 132.235.1.70 as DNS - still
2001/10/24-07:00:13.52 64.220.83.195 (w195.z064220083.cmh-oh.dsl.cnc.net & mail.Genelinx.com) probe dns's for port 26 all day long.
2001/10/24-07:33:52.63 217.4.238.30 (Deutsche Telekom AG,DU) portscan 132.235.17.15
2001/10/24-11:32:21.96 203.107.172.229 (Nakorn Mihard,TH) scannet for port 23
2001/10/24-12:46:52.45 132.235.104.134 (dhcp-104-134.cns.ohiou.edu) scan net for port 524
2001/10/24-13:07:35.73 132.235.144.195 (dhcp-144-195.cns.ohiou.edu) scannet for port 524, 137, 139
2001/10/24-14:27:11.81 132.235.144.195 (dhcp-144-195.cns.ohiou.edu) scan several ips for port 524 or 137
2001/10/24-17:14:40.63 80.56.33.138 (f33138.upc-f.chello.nl) scan net for port 21
2001/10/24-17:17:06.00 80.56.33.138 (f33138.upc-f.chello.nl) scannet for port 21
2001/10/24-17:58:22.91 62.149.130.183 (TECHNORAIL-NET,IL) scannet for port 1024,3072a
2001/10/24-18:23:12.72 212.199.49.97 (Golden Lines,Petach-Tiikva, Israel) scannet for port 21
2001/10/24-18:31:10.99 212.199.49.97 (goldenlines.net.il) scannet for port 21
2001/10/25-00:36:59.21 210.178.12.111 (Taewon High School,KR) scan net for port 80
2001/10/25-03:01:38.00 203.246.196.* (UNITEL,SEOUL,KR) tried to update domain on our dns all day long
2001/10/25-06:07:38.38 132.237.151.10 (Wyse Technology,CA,US) scan net for port 80
2001/10/25-06:12:33.01 61.147.48.75 (CHINANET Jiangsu province network,CN) conn to 132.235.1.35:80
2001/10/25-06:28:55.05 132.237.209.12 (Wyse Technology,CA,US) scan net for port 80
2001/10/25-08:02:04.43 132.237.184.112 (Wyse Technology,CA,US) scan net for port 80
2001/10/25-09:56:14.81 213.53.245.146 (mail.timmerhuis.com) scannet for port 80
2001/10/25-13:33:55.16 207.71.92.221 (shieldsup.grc.com) portscan 132.235.1.65
2001/10/25-13:45:22.76 202.159.94.46 (IndoInternet, P.T.,JAKARTA,ID) scannet for port 80, GET various dirs.
2001/10/25-20:27:09.35 61.147.52.77 (CHINANET Jiangsu province network,CN) conn to 132.235.1.35:80
2001/10/25-21:53:04.61 24.212.2.114 (cadm00.csrn.qc.ca) slowscan of net of 1 high number port per ip
2001/10/25-23:55:05.99 61.147.52.133 (CHINANET Jiangsu province network,CN) ftp to 132.235.1.35
2001/10/26-01:17:23.97 212.199.28.169 (Golden Lines,IL) scan net 132.235.201.* for port 21
2001/10/26-03:01:38.00 203.246.196.* (UNITEL,SEOUL,KR) tried to update domain on our dns all day long
2001/10/26-03:39:04.74 61.147.45.85 (CHINANET Jiangsu province network,CN) ftp to 132.235.1.35
2001/10/26-06:46:04.30 132.237.151.10 (@ohiou.edu) Nimda virus attacks
2001/10/26-17:14:39.15 64.9.77.125 (ft77-125.f-tech.net) scan net for port 21, try anon ftp hacks
2001/10/26-17:15:48.24 64.9.77.125 (ft77-125.f-tech.net) scan net 132.235.* for port 21
2001/10/26-21:11:24.50 64.9.77.25 (ft77-25.f-tech.net) scan net 132.235.201.* for port 21
2001/10/26-23:31:23.58 24.160.147.98 (cs24160147-98.satx.rr.com) scannet for port 21
2001/10/27-03:01:38.00 203.246.196.* (UNITEL,SEOUL,KR) tried to update domain on our dns all day long
2001/10/27-04:50:41.00 62.148.132.144 (144.pool.obninsk.com) tried to update domain on our dns for about 1 hr.
2001/10/27-07:18:01.51 210.177.137.9 (Choon Nang Electrical Appliance MFY Ltd,HK) scannet for port 111
2001/10/27-08:14:41.89 65.8.158.87 (@Home Network,Atlanta Ga. US subnet) scannet for port 515
2001/10/27-10:58:34.74 217.136.21.225 (adsl-38369.turboline.skynet.be) scannet for port 21, anon ftp probes
2001/10/27-20:49:14.32 210.204.29.125 (JOONGWON ELEMENTARY SCHOOL,KR) scan net for port 111
2001/10/28-00:24:52.76 63.160.78.230 (IN TOUCH SOFTWARE,WILMINGTON, OH,US) 1. scan mult. IPs for port 79,111,21,23,22,32779
2001/10/28-00:24:52.76 63.160.78.230 (IN TOUCH SOFTWARE,WILMINGTON, OH,US) 2. finger test,demo,guest,account,bob,0,odd
2001/10/28-00:24:52.76 63.160.78.230 (IN TOUCH SOFTWARE,WILMINGTON, OH,US) 3. ftp tries as ftp, scan exported file systems
2001/10/28-00:24:52.76 63.160.78.230 (IN TOUCH SOFTWARE,WILMINGTON, OH,US) ident daemon gives userid of enz00
2001/10/28-00:30:13.93 134.53.7.4 (miamimoo.mcs.muohio.edu) 1. naasub/naasub sdotest/sdotest test/blah jon/jon
2001/10/28-00:30:13.93 134.53.7.4 (miamimoo.mcs.muohio.edu) 1. try to telnet in as jet/jet jet/test wkatest/wkatest cs690/cs690
2001/10/28-03:01:38.00 203.246.196.* (UNITEL,SEOUL,KR) tried to update domain on our dns all day long
2001/10/28-08:57:34.77 217.57.171.35 (SOFTAWERE LINE SRL,IT) scan net for ports 1024,3072
2001/10/28-11:51:09.54 217.136.33.28 (adsl-41244.turboline.skynet.be) scannet for port 21
2001/10/29-00:08:36.42 209.101.246.5 (mail.mhcd.com) scannet for port 80
2001/10/29-06:01:55.56 132.235.168.15 (w0015.west-green.ohiou.edu) scannet for port 524
2001/10/29-16:03:05.98 210.114.164.131 (Internet Plaza TAEJON, KR) scan net for port 515
2001/10/29-21:23:36.14 61.163.239.130 (CHINANET Henan province network,CN) probe for dns on 132.235.1.7
2001/10/30-03:36:53.29 61.177.255.123 (CHINANET Jiangsu province network,CN) bang on 132.235.1.35 ports 445,139
2001/10/30-11:32:42.61 139.223.230.3 (Tatung Company,Tapei, TW) scannet for port 111
2001/10/30-14:02:11.72 210.76.97.249 (Beijing IT Industry Promotion Center,Beijing, CN) scannet for port 111 + buff overflow attacks
2001/10/31-01:08:20.96 216.179.151.4 (usr3.xr4.netsol.net) scan net for port 111
2001/10/31-03:01:38.00 203.246.196.* (UNITEL,SEOUL,KR) tried to update domain on our dns all day long
2001/10/31-06:19:50.80 213.64.102.177 (h177n2fls33o89.telia.com) scan net for port 515
2001/10/31-22:51:44.97 193.253.57.188 (ANice-102-1-3-188.abo.wanadoo.fr) scannet for port 21