Ok i get this scan detection 15-30 times a day.... any one know how to stop it?
I know this has to do with cpanel/whm... the ip is coming from burst, and i have talked to several of the network admins at various times... they all agree it is becuase of whm/cpanel.
i was informed to email nick, but haven't gotten a reply back from him yet. hell i don't even know if i had the right email.
it is just really annouying.....
can anyone help?
=-=-=-=-=-=-=-=-=-=-=-=-=-= May 22 02:15:08 =-=-=-=-=-=-=-=-=-=-=-=-=-=
psad: portscan detected against xxxxxx.xxxxxxxx.com (xxx.xxx.xxx.xxx).
Source: 66.96.193.2
Destination: xxx.xxx.xxx.xxx
Newly scanned UDP ports: [48426-48450] (since: May 22 02:15:08)
Newly Blocked UDP packets: [2] (since: May 22 02:15:08)
Complete TCP/UDP port range: [32812-59960] (since: May 8 00:29:37)
Total blocked packets: 32
Start time: May 21 14:24:57
End time: May 22 02:15:08
Danger level: 1 out of 5
DNS info: 66.96.193.2 -& dns.burst.net
---- Whois Information: ----
Network Operations Center Inc. (NETBLK-HOSTNOC) HOSTNOC
66.96.192.0 - 66.96.255.255
BurstNET Technologies, Inc. (NETBLK-BURSTNET726) BURSTNET726
66.96.193.2 - 66.96.205.192
To single out one record, look it up with &!xxx&, where xxx is the
handle, shown in parenthesis following the name, which comes first.
The ARIN Registration Services Host contains ONLY Internet
Network Information: Networks, ASN's, and related POC's.
Please use the whois server at rs.internic.net for DOMAIN related
Information and whois.nic.mil for NIPRNET Information.
=-=-=-=-=-=-=-=-=-=-=-=-=-= May 22 02:15:08 =-=-=-=-=-=-=-=-=-=-=-=-=-=
I know this has to do with cpanel/whm... the ip is coming from burst, and i have talked to several of the network admins at various times... they all agree it is becuase of whm/cpanel.
i was informed to email nick, but haven't gotten a reply back from him yet. hell i don't even know if i had the right email.
it is just really annouying.....
can anyone help?
=-=-=-=-=-=-=-=-=-=-=-=-=-= May 22 02:15:08 =-=-=-=-=-=-=-=-=-=-=-=-=-=
psad: portscan detected against xxxxxx.xxxxxxxx.com (xxx.xxx.xxx.xxx).
Source: 66.96.193.2
Destination: xxx.xxx.xxx.xxx
Newly scanned UDP ports: [48426-48450] (since: May 22 02:15:08)
Newly Blocked UDP packets: [2] (since: May 22 02:15:08)
Complete TCP/UDP port range: [32812-59960] (since: May 8 00:29:37)
Total blocked packets: 32
Start time: May 21 14:24:57
End time: May 22 02:15:08
Danger level: 1 out of 5
DNS info: 66.96.193.2 -& dns.burst.net
---- Whois Information: ----
Network Operations Center Inc. (NETBLK-HOSTNOC) HOSTNOC
66.96.192.0 - 66.96.255.255
BurstNET Technologies, Inc. (NETBLK-BURSTNET726) BURSTNET726
66.96.193.2 - 66.96.205.192
To single out one record, look it up with &!xxx&, where xxx is the
handle, shown in parenthesis following the name, which comes first.
The ARIN Registration Services Host contains ONLY Internet
Network Information: Networks, ASN's, and related POC's.
Please use the whois server at rs.internic.net for DOMAIN related
Information and whois.nic.mil for NIPRNET Information.
=-=-=-=-=-=-=-=-=-=-=-=-=-= May 22 02:15:08 =-=-=-=-=-=-=-=-=-=-=-=-=-=