I agree that we have those soals out there that are trying to test things. We've had our share as well. As a result I added filters to our off campus links only to find out that we have remote users and researchers that HAVE to get back to their NT, etc domains, using netbios over IP. The latest example was some guy that spent 12 weeks on a Navy ship and used their satellite link to get back to his univeristy NT domain. Of course that was before the filters went in. Now I have to add permit lines so legitimate users can get their work done. sheesh. ted Phil Wood wrote:
I was not offended. The majority of garbage traffic directed at us appears to be coming from MS things (for want of a better name). I guess you could equate the MS thing to a typewriter and the person that is using it to a monkey. Hmmm, MS == MonkeyShines*.
* mon.key.shine \'m*n-ke--.shi-n\ n : a mischievous trick : PRANK
The table below shows some of the Monkeyshines I've seen (Jan 1 - Jan 11). The biggy, 172.29.16.32 was traced to somewhere in Alternet. (I'm expecting some resolution on that one any month now). All source addresses are flowing from beyond our boarders and directed to real and/or imagined hosts on our network. Our router filters these bogus things out. It would be nice to track them all down and help the poor souls who are just trying to get some work done.
Maybe some of you operators could stop it before it travels halfway around the world to our site.
Count Source Destination
73663 172.29.16.32.netbios-ns 192.16.16.32.netbios-ns:
Much stuff deleted.
-- ====================================================== Steve Carter scarter@genuity.net GENUITY Inc. Phone: (602) 308 2386 ======================================================
-- Ted Frohling (TF30) tsf@Arizona.EDU The University of Arizona 520.621.4834 CCIT Telecommunications, Computer Center, Room 131 Tucson, AZ 85721 http://www.Telcom.Arizona.EDU/~tsf