I've been noticing a lot of sassr attacks on port 445 and 135 in my logs. But when I watch them real-time on my "hostwatch" screen, they go don't go to an IP address or WINS name, they go to "1296-99" where "99"is the 4th bit of the IP address (e.g. 10.10.10.99). Is 1296 just some shorthand for our internal IP range or what? Just wondering... thanks!
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Inside server name - wierd change
- Thread starter wanster
- Start date
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question