Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

proxyscan2.quakenet.org

  • 12-06-2001 10:52pm
    #1
    Spoonman
    Registered Users, Registered Users 2 Posts: 649 ✭✭✭


    Shortly after joining irc through my linux machine I get the following alert from portsentry:

    Active System Attack Alerts
    =-=-=-=-=-=-=-=-=-=-=-=-=-=
    Jun 12 19:00:02 nash portsentry[592]: attackalert: SYN/Normal scan from host: proxyscan2.quakenet.org/213.221.173.99 to TCP port: 80
    Jun 12 19:00:02 nash portsentry[592]: attackalert: Host 213.221.173.99 has been blocked via wrappers with string: "ALL: 213.221.173.99"

    Anyone know why this box is scanning my http port (80), after about an hour or 2 online it attepts to rescans port 80 again. Whats it looking for?




Comments

  • #2
    ecksor
    Moderators, Social & Fun Moderators Posts: 10,501 Mod ✭✭✭✭ecksor


    Gosh, you don't suppose it's scanning for proxies?


  • #3
    Spoonman
    Registered Users, Registered Users 2 Posts: 649 ✭✭✭Spoonman


    Well, I would have tought the client would have to request a proxy connection not the other way around. seems a bit exessive scanning everone who connects to irc for a proxy.


  • #4
    dogs
    Registered Users, Registered Users 2 Posts: 380 ✭✭dogs


    It's just checking to see if you're coming *from* an open proxy.
    Most IRC networks check for an open SOCKS, etc proxy. It's not excessive considering the hastle/disruption they can cause when abused.


  • #5
    MindPhuck
    Registered Users, Registered Users 2 Posts: 2,207 ✭✭✭MindPhuck


    I believe that its a proxy scan from quakenet. You can check it out here -

    http://www.quakenet.eu.org/openproxies.html


  • #6
    Spoonman
    Registered Users, Registered Users 2 Posts: 649 ✭✭✭Spoonman


    Thanks for the explenations guys. The problem with portsentry is it can be too sensitive, any ports I'm not using it goes ape if some other host tries to connect to me.


  • Advertisement
Advertisement