[LINK] technical question: security alert
Kim Holburn
kim at holburn.net
Fri Mar 6 08:58:01 AEDT 2009
On 2009/Mar/05, at 10:11 PM, Ivan Trundle wrote:
> On 05/03/2009, at 11:22 PM, Kim Holburn wrote:
>
>> The first thing that strikes me looking at that is that the source
>> port is 6882 and the destination port is what you might call "random"
>> which is very odd for an initialisation packet. It looks more like a
>> reply packet or something trying to look like a reply packet.
>
> This encouraged me to look at my router security alert logs for all
> port 6882 activity (not that this port alone warrants inspection)
> since I bought the router some years ago.
>
> It's possible to spend weeks sifting through the data, and would
> keep someone amused for a long time, if they needed that level of
> amusement or interest.
>
> But sadly, I'm more interested in knowing why Kim knows about the PI
> firm that works for the RIAA...
I've been following some of the cases involving the RIAA in the US.
MediaSentry has been in the news a lot and mostly for bad reasons:
operating without a license, poisoning bittorent with fake files,
shoddy investigations and having their email system hacked and exposed.
Kim
>
--
Kim Holburn
IT Network & Security Consultant
Ph: +39 06 855 4294 M: +39 3494957443
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
More information about the Link
mailing list