Monday, 24 August 2009

Facebook port scans

Looking through my router logs:

20:23:52 23 Aug IDS scan parser : tcp port scan: scanned at least 10 ports at x.y.z.a. (1 of 1) : x.y.z.a 0040 TCP 80->64876 [..AR..] seq 105673427 ack 753172620 win 0

tng@withnail:~$ host domain name pointer

A rogue app "tag photos" that one of my friends had installed might well have been the culprit. I got a mail saying I was tagged and of course refused the app install. The app was later reporting that it had been banned by facebook admins. Still, someone ran a port scan on my system.

Be careful out there.

1 comment:

facebookhackedme said...

Sep 25 05:56:38 home.gateway:firewall:info: 306997.994 Intrusion TCP FIN scan(17) -- > myipaddress:36404

Country: United States
Region: California
City: Palo Alto
Postal Code: 94304
Latitude/Longitude: 37.376202 / -122.182602
ISP: "Facebook"
Organization: "Facebook"
Host Name:

IP address is numbered The country of this IP address activation is United States, and it is registered in Palo Alto, California. IP Country code is US. IP address is assigned to "Facebook". In organization "Facebook". It is also assigned to a hostname IP address latitude is 37.376202 and longitude is -122.182602. Postal code of this IP is 94304 and area code is 650.