=-=-=-=-=-=-=-=-=-=-=-= Wed Mar  7 22:49:13 2012 =-=-=-=-=-=-=-=-=-=-=-=


        Danger level: [2] (out of 5)

   Scanned TCP ports: [1433: 1 packets]
           TCP flags: [SYN: 1 packets, Nmap: -sT or -sS]
      iptables chain: INPUT (prefix "iptables INPUT:"), 1 packets

              Source: 219.243.27.105
                 DNS: [No reverse dns info available]

         Destination: 95.211.47.206
                 DNS: localhost.localdomain

  Overall scan start: Wed Mar  7 22:49:12 2012
  Total email alerts: 1
  Complete TCP range: [1433]
     Syslog hostname: mos

        Global stats: chain:   interface:   TCP:   UDP:   ICMP:
                      INPUT    eth0         1      0      0


[+] TCP scan signatures:

  "MISC Microsoft SQL Server communication attempt"
      dst port:  1433 (no server bound to local port)
      flags:     SYN
      psad_id:   100205
      chain:     INPUT
      packets:   1
      classtype: attempted-admin


[+] Whois Information (source IP):
% [whois.apnic.net node-4]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

inetnum:        219.243.24.0 - 219.243.27.255
netname:        BOUSTEAD-CN
descr:          天津商学院宝德职业技术学院
descr:          Tianjin University of Commerce Boustead College
descr:          Tianjin, Tianjin 300084, China
country:        CN
admin-c:        LD110-AP
tech-c:         LD110-AP
tech-c:         CER-AP
remarks:        origin AS4538
changed:        hostmaster@net.edu.cn 20030228
mnt-by:         MAINT-CERNET-AP
status:         ASSIGNED NON-PORTABLE
source:         APNIC

role:           CERNET Helpdesk
address:        Room 224, Main Building
address:        Tsinghua University
address:        Beijing 100084, China
country:        CN
phone:          +86-10-6278-4049
fax-no:         +86-10-6278-5933
e-mail:         cernet-helpdesk-ip@net.edu.cn
remarks:        abuse@net.edu.cn
admin-c:        XL1-CN
tech-c:         SZ2-AP
nic-hdl:        CER-AP
remarks:        Point of Contact for admin-c
mnt-by:         MAINT-CERNET-AP
changed:        cernet-helpdesk-ip@net.edu.cn 20010903
source:         APNIC
changed:        hm-changed@apnic.net 20111114

person:         Liu Dongpeng
address:        Network Management Center
address:        Tianjin University of Commerce Boustead College
address:        Tianjin, Tianjin 300084, China
country:        CN
nic-hdl:        LD110-AP
e-mail:         ldp@eyou.com
phone:          +86-022-23799800
fax-no:         +86-022-23618680
changed:        hostmaster@net.edu.cn 20030228
mnt-by:         MAINT-CERNET-AP
source:         APNIC
changed:        hm-changed@apnic.net 20111122



=-=-=-=-=-=-=-=-=-=-=-= Wed Mar  7 22:49:13 2012 =-=-=-=-=-=-=-=-=-=-=-=