Odd packets

Published: 2009-05-01. Last Updated: 2011-02-21 19:39:50 UTC
by Adrien de Beaupre (Version: 1)
0 comment(s)

No.           Time             Source                 Destination         Protocol Info
107496   10.768466   10.10.10.10        12.12.12.12         UDP Source port: 43152  Destination port: http

Frame 107496 (118 bytes on wire, 118 bytes captured)
Ethernet II, Src: Cisco (MACSRC), Dst: Cisco (MACDST)
Internet Protocol, Src: my-net (10.10.10.10), Dst: apnic (12.12.12.12)
User Datagram Protocol, Src Port: 43152 (43152), Dst Port: http (80)
Data (76 bytes)
 
0030  01 00 8f f9 08 00 61 62 63 64 65 66 67 68 69 6a   ......abcdefghij
0040  6b 6c 6d 6e 6f 70 71 72 73 74 75 76 77 61 62 63   klmnopqrstuvwabc
0050  64 65 66 67 68 69 00 00 00 00 00 00 00 00 00 00   defghi..........
0060  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0070  00 00 00 00 00 00   

A few things to note, these are UDP packets from a high src port to port 80. They are coming from an 'our' network and going to a system in APNIC. There are a significant number of them.

Any ideas? Let us know.     

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.                

Keywords: packets
0 comment(s)

Comments

Login here to join the discussion.


Top of page
Diary Archives