================================================================================== NOTE: This report lists unique hosts ("hits") attempting to make an inbound connection to my residential home network (Comcast). Descriptions are pulled from /etc/services. My home network has never allowed ingress; my BBS is run elsewhere, so these hits are all illicit, with a few consisting of network scans which identify themselves as researchers (e.g., shodan.io) ================================================================================== Ports probed, scanned, or to which connection was attempted - Last Month 2023-Jan-02 12:00:01am (Mon) to 2023-Feb-01 12:00:01am (Wed) First hit: 2023-Jan-02 12:00:36am (Mon) Most Recent hit: 2023-Feb-01 12:00:00am (Wed) Total Unique Ports: 302 Total Hits: 46670 +-------+---------+---------------------------------------------------------------+ | Port | Hits | Description | +-------+---------+---------------------------------------------------------------+ 23 13116 telnet 22 5067 ssh - SSH Remote Login Protocol 8080 4378 http-alt webcache - WWW caching service 80 2864 http www - WorldWideWeb HTTP 443 2032 https - http protocol over TLS/SSL 1433 1426 ms-sql-s - Microsoft SQL Server 123 815 ntp - Network Time Protocol 8081 800 tproxy - Transparent Proxy 53 686 domain - Domain Name Server 3306 465 mysql 21 453 ftp 8088 448 omniorb - OmniORB 5432 417 postgresql postgres - PostgreSQL Database 389 404 ldap - Lightweight Directory Access Protocol 88 394 kerberos kerberos5 krb5 kerberos-sec - Kerberos v5 5353 331 mdns - Multicast DNS 1434 318 ms-sql-m - Microsoft SQL Monitor 1194 299 openvpn 5060 297 sip - Session Initiation Protocol 111 290 sunrpc portmapper - RPC 4.0 portmapper 7000 280 afs3-fileserver bbs - file server itself 5061 264 sip-tls 102 259 iso-tsap tsap - part of ISODE 2000 249 cisco-sccp - Cisco SCCP 10000 213 webmin 7001 211 afs3-callback - callbacks to cache managers 500 201 isakmp - IPsec - Internet Security Association 143 196 imap2 imap - Interim Mail Access P 2 and 4 465 195 submissions ssmtp smtps urd - Submission over TLS [RFC8314] 5222 193 xmpp-client jabber-client - Jabber Client Connection 993 191 imaps - IMAP over SSL 587 189 submission - Submission [RFC4409] 631 188 ipp - Internet Printing Protocol 990 185 ftps 995 185 pop3s - POP-3 over SSL 110 181 pop3 pop-3 - POP version 3 873 172 rsync 554 159 rtsp - Real Time Stream Control Protocol 2086 159 gnunet 19 158 chargen ttytst source 444 144 snpp - Simple Network Paging Protocol 2049 142 nfs - Network File System 6000 141 x11 x11-0 - X Window System 636 140 ldaps - LDAP over SSL 2121 139 iprop - incremental propagation 179 134 bgp - Border Gateway Protocol 113 133 auth authentication tap ident 808 132 omirr omirrd - online mirror 4369 130 epmd - Erlang Port Mapper Daemon 6001 123 x11-1 69 109 tftp 4899 101 radmin-port - RAdmin Port 7002 95 afs3-prserver - users & groups database 623 94 asf-rmcp - ASF Remote Management and Control Protocol 119 91 nntp readnews untp - USENET News Transfer Protocol 992 91 telnets - Telnet over SSL 20 89 ftp-data 6667 87 ircd - Internet Relay Chat 79 84 finger 3050 84 gds-db gds_db - InterBase server 5269 84 xmpp-server jabber-server - Jabber Server Connection 8140 84 puppet - The Puppet master service 1701 82 l2f l2tp 515 80 printer spooler - line printer spooler 2053 78 knetd - Kerberos de-multiplexor 87 77 link ttylink 70 75 gopher - Internet Gopher 5050 70 mmcc - multimedia conference control tool (Yahoo IM) 161 65 snmp - Simple Net Mgmt Protocol 514 61 shell cmd - no passwords used 5671 60 amqps - AMQP protocol over TLS/SSL 548 59 afpovertcp - AFP over TCP 5002 59 rfe - Radio Free Ethernet 177 58 xdmcp - X Display Mgr. Control Proto 427 57 svrloc - Server Location 512 57 exec 6002 56 x11-2 13 52 daytime 162 50 snmp-trap snmptrap - Traps for SNMP 194 50 irc - Internet Relay Chat 989 50 ftps-data - FTP over SSL (data) 6006 48 x11-6 6003 46 x11-3 7 45 echo 9418 45 git - Git Version Control System 115 44 sftp 199 44 smux - SNMP Unix Multiplexer 1099 44 rmiregistry - Java RMI Registry 49 43 tacacs - Login Host Protocol (TACACS) 777 43 moira-update moira_update - Moira update protocol 3689 43 daap - Digital Audio Access Protocol 5556 43 freeciv rptp - Freeciv gameplay 7005 43 afs3-volser - volume managment server 7003 42 afs3-vlserver - volume location database 8021 42 zope-ftp - zope management by ftp 43 41 whois nicname 6005 41 x11-5 2003 40 cfinger - GNU Finger 3690 40 svn subversion - Subversion protocol 6004 40 x11-4 37 39 time timserver 11 38 systat users 445 38 microsoft-ds - Microsoft Naked CIFS 6007 38 x11-7 7100 38 font-service xfs - X Font Service 17 37 qotd quote 2601 37 zebra - zebra vty 7007 37 afs3-bos - basic overseer process 3260 36 iscsi-target 7004 36 afs3-kaserver - AFS/Kerberos authentication 5051 35 enbd-cstatd - ENBD client statd 5190 35 aol - AIM 15 34 netstat 67 34 bootps 9098 34 xinetd 1001 33 customs - pmake customs server 106 32 poppassd - Eudora 4949 32 munin lrrd - Munin 6697 32 ircs-u - Internet Relay Chat via TLS/SSL 9103 31 bacula-sd - Bacula Storage Daemon 104 30 acr-nema dicom - Digital Imag. & Comm. 300 563 30 nntps snntp - NNTP over SSL 853 30 domain-s - DNS over TLS [RFC7858] 2111 30 kx - X over Kerberos 5666 29 nrpe - Nagios Remote Plugin Executor 2010 28 search ndtp 10080 28 amanda - amanda backup services 11112 28 dicom 9 27 discard sink null 1812 27 radius 2628 27 dict - Dictionary server 3493 27 nut - Network UPS Tools 1645 26 datametrics old-radius 2433 26 codasrv-se - tcp side effects 5151 26 pcrd - PCR-1000 Daemon 9101 26 bacula-dir - Bacula Director 4500 24 ipsec-nat-t - IPsec NAT-Traversal [RFC3947] 7006 24 afs3-errors - error interpretation service 9102 24 bacula-fd - Bacula File Daemon 3130 23 icpv2 icp - Internet Cache Protocol 8990 23 clc-build-daemon - Common lisp build daemon 4190 22 sieve - ManageSieve Protocol 1813 21 radius-acct radacct - Radius Accounting 10050 21 zabbix-agent - Zabbix Agent 1300 20 wipld - Wipl network monitor 2101 20 rtcm-sc104 - RTCM SC-104 IANA 1/29/99 2401 20 cvspserver - CVS client/server operations 2602 20 ripd - ripd vty (zebra) 93 19 Shibboleth Canaidate 93 749 19 kerberos-adm - Kerberos `kadmin' (v5) 5052 19 enbd-sstatd - ENBD server statd 5680 19 canna - cannaserver 530 18 courier rpc 1646 18 sa-msg-port old-radacct 1863 18 msnp - MSN Messenger 2150 18 ninstall - ninstall service 544 17 kshell krcmd - Kerberized `rsh' (v5) 10081 17 kamanda - amanda backup services (Kerberos) 42 16 nameserver name - IEN 116 513 16 login 1313 16 xtel - french minitel 1314 16 xtelw - french minitel 1957 16 unix-status - remstats unix-status server 2105 16 eklogin - Kerberos encrypted rlogin 10051 16 zabbix-trapper - Zabbix Trapper 347 15 fatserv - Fatmen Server 543 15 klogin - Kerberized `rlogin' (v5) 1214 15 kazaa 1959 15 remoteping - remstats remoteping server 2600 15 zebrasrv - zebra service 6446 15 mysql-proxy - MySQL Proxy 6514 15 syslog-tls - Syslog over TLS [RFC5425] 4224 14 xtell - xtell server 5355 14 hostmon - hostmon uses TCP (nocol) 6566 14 sane-port sane saned - SANE network scanner daemon 10083 14 amidxtape - amanda backup services 202 13 at-nbp - AppleTalk name binding 406 13 imsp - Interactive Mail Support Protocol 487 13 saft - Simple Asynchronous File Transfer 538 13 gdomap - GNUstep distributed objects 556 13 remotefs rfs_server rfs - Brunhoff remote filesystem 1109 13 kpop - Pop with Kerberos 1352 13 lotusnote lotusnotes - Lotus Note 1958 13 log-server - remstats log server 2119 13 gsigatekeeper 4353 13 f5-iquery - F5 iQuery 4600 13 distmp3 - distmp3host daemon 20011 13 isdnlog - isdn logging system 18 12 msp - message send protocol 163 12 cmip-man - ISO mgmt over IP (CMOT) 370 12 codaauth2 464 12 kpasswd 612 12 hmmp-ind dqs313_intercell - HMMP Indication / DQS 1093 12 proofd 1127 12 supfiledbg - SUP debugging 7009 12 afs3-rmtsys - remote cache manager service 10082 12 amandaidx - amanda backup services 13722 12 bpjava-msvc - BP Java MSVC Protocol 64 11 Shibboleth Candidate 64 164 11 cmip-agent 345 11 pawserv - Perf Analysis Workbench 547 11 dhcpv6-server 2432 11 codasrv - not used 2947 11 gpsd 3205 11 isns - iSNS Server Port 4569 11 iax - Inter-Asterisk eXchange 7008 11 afs3-update - server-to-server updater 13783 11 vopied - VERITAS NetBackup 901 10 swat - swat 2135 10 gris - Grid Resource Information Server 2604 10 ospfd - ospfd vty (zebra) 2605 10 bgpd - bgpd vty (zebra) 2606 10 ospf6d - ospf6d vty (zebra) 4031 10 suucp - UUCP over SSL 4373 10 remctl - Remote Authenticated Command Service 5308 10 cfengine 5354 10 noclog - noclogd with TCP (nocol) 6346 10 gnutella-svc - gnutella 6444 10 sge-qmaster sge_qmaster - Grid Engine Qmaster Service 17500 10 db-lsp - Dropbox LanSync Protocol 174 9 mailq - Mailer transport queue for Zmailer 204 9 at-echo - AppleTalk echo 210 9 z3950 wais - NISO Z39.50 database 213 9 ipx - IPX 765 9 webster - Network dictionary 1236 9 rmtcfg - Gracilis Packeten remote config server 1524 9 ingreslock 2431 9 venus-se - tcp side effects 2607 9 ospfapi - OSPF-API 3632 9 distcc - distributed compiler 5688 9 ggz - GGZ Gaming Zone 178 8 nextstep NeXTStep NextStep - NeXTStep window 206 8 at-zis - AppleTalk zone information 209 8 qmtp - Quick Mail Transfer Protocol 346 8 zserv - Zebra server 369 8 rpc2portmap 371 8 clearcase Clearcase 372 8 ulistserv - UNIX Listserv 549 8 idfp 655 8 tinc - tinc control port 783 8 spamd - spamassassin daemon 1094 8 rootd 1241 8 nessus - Nessus vulnerability 2430 8 venus - codacon port 2792 8 f5-globalsite 2988 8 afbackup - Afbackup system 2989 8 afmbackup - Afmbackup system 6347 8 gnutella-rtr - gnutella 6445 8 sge-execd sge_execd - Grid Engine Execution Service 201 7 at-rtmp - AppleTalk routing 518 7 ntalk 540 7 uucp uucpd - uucp daemon 628 7 qmqp 760 7 krbupdate kreg - Kerberos registration 1677 7 groupwise 2811 7 gsiftp 5667 7 nsca - Nagios Agent - NSCA 5674 7 mrtd - MRT Routing Daemon 13724 7 vnetd - Veritas Network Utility 13782 7 bpcd - VERITAS NetBackup 20012 7 vboxd - voice box system 68 6 bootpc 531 6 conference chat 546 6 dhcpv6-client 607 6 nqs - Network Queuing system 871 6 supfilesrv - SUP server 1529 6 support - GNATS 2583 6 mon - MON traps 2603 6 ripngd - ripngd vty (zebra) 2608 6 isisd - ISISd vty (zebra) 4094 6 sysrqd - sysrq daemon 4691 6 mtn - monotone Netsync Protocol 5675 6 bgpsim - MRT Routing Simulator 526 5 tempo newdate 532 5 netnews readnews 610 5 npmp-local dqs313_qmaster - npmp-local / DQS 611 5 npmp-gui dqs313_execd - npmp-gui / DQS 706 5 silc 754 5 krb-prop krb_prop krb5_prop hprop - Kerberos slave propagation 775 5 moira-db moira_db - Moira database 1178 5 skkserv - skk jisho server port 1649 5 kermit 4557 5 fax - FAX transmission service (old) 4559 5 hylafax - HylaFAX client-server protocol (new) 9667 5 xmms2 - Cross-platform Music Multiplexing System 9673 5 zope - zope server 11371 5 hkp - OpenPGP HTTP Keyserver 13720 5 bprd - VERITAS NetBackup 57000 5 dircproxy - Detachable IRC Proxy 751 4 kerberos-master kerberos_master - Kerberos authentication 750 3 kerberos4 kerberos-iv kdc - Kerberos (server) 22128 3 gsidcap - GSI dCache Access Protocol 22273 3 wnn6 - wnn6 10809 2 nbd - Linux Network Block Device 13721 2 bpdbm - VERITAS NetBackup 17004 2 sgi-cad - Cluster Admin daemon 517 1 talk 11201 1 smsqp - Alamin SMS gateway 15345 1 xpilot - XPilot Contact Port 22125 1 dcap - dCache Access Protocol 27374 1 asp - Address Search Protocol 30865 1 csync2 - cluster synchronization tool Report generated on: 2023-Feb-01 12:00:01am (Wed)