by Hi,
Since March 8th, I have seen approx 500 UDP packets directed at my
firewall's ports 1839 and 1841. I can't find any references (to services or
common trojans) that use those ports. No logs show this traffic before March
8th.
There seems to be one packet sent to each port per probe (or whatever is
going on), with packets being sent every few hours.
I can't see any pattern in the hosts doing the sending, there are at least
10 of them, from all over the world.
Anyone see similar activity? It doesnt seem to be DoS related (too little
traffic), and its not a sweep, it's
directed solely at my firewall box, not any of the ip's around it or even
those pretected by it.
Also, does anyone have any idea why the interest in those two particular
ports?
Fred Peeler, IS Manager
B.E. Peterson, Inc.