[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

suspicious IP's. Can it be tunneling ?

To: packeteer-edu@lists.Stanford.EDU
Subject: suspicious IP's. Can it be tunneling ?
From: Mustafa Cagatayli <mscag@ciu.edu.tr>
Date: Fri, 17 Jan 2003 09:52:52 +0200
Sender: owner-packeteer-edu@lists.Stanford.EDU

Hello,

It has been 4 days since out outbound/autodiscover/http traffic has grown 
so much that all our outbound capacity is now full. As this is a port/class 
that needs to be available there is no way for me to limit its traffic.

After reading George Russs' e-mail message about tunneling through HTTP 
port, I tried to checked to see if the traffic is actually towards 
www.http-tunnel.com. I found out that the traffic is not towards their 
servers, but mostly towards the following ones. Has anyone experienced any 
such situation ? Does any one know what these IP's are ?

157.163.1.10 - 157.163.1.19 and
66.28.236.82 - 66.28.236.93

Regards.



Mustafa Cagatayli
CC

-++**==--++**==--++**==--++**==--++**==--++**==--++**==--++**==--++**
This message was posted through the Stanford mailing list server. To
subscribe/unsubscribe, send email to majordomo@lists.stanford.edu
with "subscribe packeteer-edu" or "unsubscribe packeteer-edu" as the body.  Archive
is at http://www.stanford.edu/group/networking/netlists/

Follow-Ups:
- Kazaa question
  - From: Mike Diggins <diggins@McMaster.CA>
- Re: suspicious IP's. Can it be tunneling ?
  - From: Rick Coloccia <coloccia@geneseo.edu>

Prev by Date: VPN traffic class Q
Next by Date: Re: suspicious IP's. Can it be tunneling ?
Previous by thread: VPN traffic class Q
Next by thread: Re: suspicious IP's. Can it be tunneling ?
Index(es):
- Date
- Thread