On Monday 27 February 2006 21:41, John Mahowald wrote:
On 2/24/06, jludwig <wralphie(a)comcast.net> wrote:
> My firewall has been hit with the POD over 100 times (on port 6346).
> The issue would be almost laughable except the question of if this is
> being used to locate some other vulnerability in IPX, UDP, or any other
> transport mechanism?
>
> Has anyone else been hit, and does anyone know of any reason why anyone
> would use this "archaic" DOS?
Port 6346 appears to be gnutella, so you're probably seeing agressive
P2P traffic.
http://isc.sans.org/port_details.php?port=6346
John
Thanks.
I should have checked
sans.org myself!
--
Some people have convictions.
Some people have opinions
I think I'll have a cheeseburger!