Rule 'TCP ack packet attack': Blocked: In TCP?

Guest
Archived from groups: comp.security.firewalls

Here are some records (from a lot) from my Kerio 2.1.5:
"
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com [204.179.240.10:80]->localhost:1130, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com [204.179.240.10:80]->localhost:1131, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com [204.179.240.10:80]->localhost:1087, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com [204.179.240.10:80]->localhost:1088, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com [204.179.240.10:80]->localhost:1089, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com [204.179.240.10:80]->localhost:1090, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com [204.179.240.10:80]->localhost:1091, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com [204.179.240.10:80]->localhost:1092, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com [204.179.240.10:80]->localhost:1094, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com [204.179.240.10:80]->localhost:1093, Owner: no owner
"
etc. etc.
What is 'quote-2c.bloomberg.com' trying to achieve?
Thanks for any education.
 
Guest

"Dr. Pastor" <elpX@adsihqX.com> wrote in
news:19anc.12455$Hs1.11783@newsread2.news.pas.earthlink.net:

> Here are some records (from a lot) from my Kerio 2.1.5:
> "
> Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com [204.179.240.10:80]->localhost:1130, Owner: no owner
<snipped>
> etc. etc.
> What is 'quote-2c.bloomberg.com' trying to achieve?
> Thanks for any education.
>

In Kerio, logging suspicious packets in the Advanced > Miscellaneous view will
generate the "ack" packet logs.

See:
http://www.dslreports.com/forum/remark,6010939~root=kerio~mode=flat
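
For triaging a log like the one quoted in the question, the following is an added example (not part of either post, and not Kerio's own code) that parses records of this shape, including ones wrapped across two lines, and groups them by remote endpoint. The record layout is inferred from the quoted lines, and the `reply_shaped` flag is a hypothetical heuristic: a remote well-known port sending to local ephemeral ports is the shape of server replies to connections the host opened, which is not proof of origin.

```python
import re
from collections import defaultdict

# Record layout inferred from the log lines quoted in the thread (assumption).
RECORD = re.compile(
    r"Rule '(?P<rule>[^']+)': (?P<action>\w+): (?P<dir>In|Out) (?P<proto>\w+), "
    r"(?P<host>\S+) \[(?P<ip>[\d.]+):(?P<rport>\d+)\]->localhost:(?P<lport>\d+), "
    r"Owner: (?P<owner>.+?)(?= Rule '|$)"
)

# Four records copied from the thread, still wrapped as posted.
FROM_THREAD = """\
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com
[204.179.240.10:80]->localhost:1130, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com
[204.179.240.10:80]->localhost:1131, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com
[204.179.240.10:80]->localhost:1087, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com
[204.179.240.10:80]->localhost:1088, Owner: no owner
"""
# One constructed record (documentation address) for contrast; not from the thread.
CONSTRUCTED = ("Rule 'TCP ack packet attack': Blocked: In TCP, host.example "
               "[192.0.2.7:4444]->localhost:135, Owner: no owner\n")
SAMPLE = FROM_THREAD + CONSTRUCTED

def parse(text):
    """Undo line wrapping, then extract every record as a dict of fields."""
    flat = re.sub(r"\s+", " ", text).strip()
    return [m.groupdict() for m in RECORD.finditer(flat)]

def summarize(records):
    """Group by (rule, remote ip, remote port) and describe the local ports hit."""
    groups = defaultdict(list)
    for r in records:
        groups[(r["rule"], r["ip"], int(r["rport"]))].append(int(r["lport"]))
    rows = []
    for (rule, ip, rport), lports in sorted(groups.items()):
        rows.append({
            "rule": rule, "remote": f"{ip}:{rport}", "count": len(lports),
            "local_ports": (min(lports), max(lports)),
            # Heuristic (assumption): service port -> ephemeral ports.
            "reply_shaped": rport < 1024 and min(lports) >= 1024,
        })
    return rows

if __name__ == "__main__":
    for row in summarize(parse(SAMPLE)):
        print(row)
```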