Results 1 to 2 of 2

Thread: Strange Ip Addresses

  1. March 26th, 2008, 12:04 PM #1
    shakuni
    shakuni is offline
    Banned shakuni's Avatar
    Join Date
    Aug 2007
    Posts
    24

    Strange Ip Addresses

    My log file told me that a couple of exploits(LSASS and DCOM exploits) were tried on my system's one of the VM (windows xp2) from the following IPs

    10.8.240.93
    10.8.154.135

    But how is this possible, since these addresse are in the reserved RFC 1918 address range and should never appear on public internet.
    Any clues ?
    Reply With Quote Reply With Quote
  2. March 26th, 2008, 12:48 PM #2
    HTRegz
    HTRegz is offline
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,915
    What sort of log file?

    Nepenthes for example reports quite a bit of "standard" traffic as Unknown DCOM Exploit (or something similar.. I don't have my log handy at the moment).

    Also what is your network setup and where the box that's logging in relation to the box that's being targeted?

    I can think of plenty of possibilities, but knowing more about your network would help filter out various possibilities.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Similar Threads

  1. IP Addresses, MAC Addresses, and ARP
    By ch4r in forum Other Tutorials Forum
    Replies: 5
    Last Post: January 30th, 2006, 11:18 PM
  2. MAC addresses...
    By bluthund in forum Other Tutorials Forum
    Replies: 0
    Last Post: May 26th, 2004, 08:24 AM
  3. The Worlds Longest Thread!
    By Noble Hamlet in forum AntiOnline's General Chit Chat
    Replies: 1100
    Last Post: March 17th, 2002, 09:38 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules