|
My guess would be Nimba type virus trying to get to your machine. Looking at the logs of our IIS web server, we get tons of errors for variations on CMD. QUIT is a common command for Telnet type clients such as FTP (Port 21), Telnet (Port 23), SMTP (Port 25), POP3 (Port 110). My guess is there is one, or more, infected clients out on the internet set up to scan for open Telnet ports, and they keep hitting yours, don't get a response, so issue a QUIT command which the AS/400 takes as a user name. With these Nimba type viruses it's no longer a matter of if someone tries to hack in, but how often. One thing I used to do on my Mail server, when I was hit by a spammer (our mail server was old and wouldn't allow me to disable mail forwarding) I would enter a route for their IP address with a default gateway of 0.0.0.0 (an invalid IP address). So when they hit my mail server, my mail server would try to respond to 0.0.0.0 and it wouldn't go through, and they were effectively blocked. Regards, Jim Langston From: "Chuck Lewis" <clewis@iquest.net> Mark, Checked that and we have that pretty much shut down (only 1 QPAxxxxx and it is varied off)... (?) :-) Thanks, Chuck
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
