Packet Call
Yes I know, "curiosity killed the cat", but I can't help myself when it comes to packets. My curiosity has been piqued after looking at some of the port trends last night on DShield. Take a look at these ports below and their interesting trends. None of them had any activity so to speak till these explosive amounts of traffic. Notice the number of targets all stay very low. Is it legitimate or evil in nature? I can think of scenarios for both, but I have no clue which is why I would like to get some packet captures to spend my weekend playing with. If anyone happens to be able to nab some or has seen a large amount of this, please let me know!
Port 47673
date records targets sources tcpratio
2007-09-21 64 15 15 62
2007-09-22 6 4 3 83
2007-09-23 16 5 4 88
2007-09-24 7692 12 5099 42
2007-09-25 1989 8 1220 57
2007-09-26 65876 14 25756 18
2007-09-27 7012 11 4572 18
2007-09-28 47652 14 17596 1
2007-09-29 2459 5 1420 55
Port 13883
date records targets sources tcpratio
2007-09-18 74 5 13 100
2007-09-19 68 3 9 100
2007-09-20 21 5 7 88
2007-09-21 38498 11 5510 81
2007-09-22 22264 7 3285 81
2007-09-23 10790 7 1330 81
2007-09-24 6029 10 1273 67
2007-09-25 3392 10 37 100
2007-09-26 6377 9 33 100
2007-09-27 22454 11 2704 85
2007-09-28 36223 9 7687 65
2007-09-29 1218 6 440 54
Port 60611
date records targets sources tcpratio
2007-09-15 47 13 33 46
2007-09-16 26 14 10 100
2007-09-17 87 15 24 87
2007-09-18 18729 9 6421 37
2007-09-19 3941 7 1567 48
2007-09-20 1017 11 345 58
2007-09-21 3830 20 1942 41
2007-09-22 2301 10 1108 43
2007-09-23 1500 13 648 40
2007-09-24 1015 11 409 40
2007-09-25 79 8 9 92
2007-09-26 2293 11 822 52
2007-09-27 11424 7 3961 52
2007-09-28 49706 12 13721 42
2007-09-29 1027 4 485 31
Port 30695
date records targets sources tcpratio
2007-09-23 18 6 6 100
2007-09-24 11 6 5 100
2007-09-25 5 4 3 100
2007-09-26 35663 9 15275 23
2007-09-27 44523 14 18609 14
2007-09-28 20268 10 9684 7
2007-09-29 497 6 29 30
Comments