Sunday, June 18, 2017

Hosts Connecting on Undesirable Ports ~ 6/17/17

I blocked these ports in my Firebox, which has a feature to auto-block IP addresses that try to connect on undesirable ports and in just a few days I got all the hosts below attempting to connect. This could be an inadvertent mistake but likely a lot of the following IP addresses are hosts being used by attackers to carry out unwanted activities.

Ports:

111
513
514
2049
6000
6001
6002
6003
6004
6005
7100
8000
23
1433
3389
22
3390
4001
3391
119
9000
9981
445
2323
289


Hosts:

1.192.145.246
100.16.112.111 pool-100-16-112-111.bltmmd.fios.verizon.net.
100.2.50.104 pool-100-2-50-104.nycmny.fios.verizon.net.
101.88.231.170
103.196.231.201
103.207.37.180
103.207.37.20
103.207.37.99
103.207.39.149
103.208.183.62
103.214.143.61
103.22.133.11
103.235.245.6
103.236.254.99
103.27.7.127
103.42.85.110
103.56.165.45
103.79.141.248
103.79.142.31
103.79.143.148
103.89.88.181
104.168.141.6 cvps11145281478.hostwindsdns.com.
104.193.252.231 nelsonbaker.clientshostname.com.
104.236.177.18 worker-05-31-23.stretchoid.com.
106.110.142.116
106.3.45.53 undefine.inidc.com.cn.
106.37.83.232 232.83.37.106.static.bjtelecom.net.
106.75.3.80
107.223.154.132 107-223-154-132.lightspeed.jcsnms.sbcglobal.net.
108.199.166.213 108-199-166-213.lightspeed.irvnca.sbcglobal.net.
108.211.74.139 108-211-74-139.lightspeed.miamfl.sbcglobal.net.
109.124.151.223 109-124-151-223.customer.t3.se.
109.162.14.173 109-162-14-173.broadband.kyivstar.net.
109.187.153.33 h109-187-153-33.dyn.bashtel.ru.
109.247.4.162 162.109-247-4.customer.lyse.net.
109.75.39.237 host-237.39.75.109.ucom.am.
110.142.246.97 lrgilm.lnk.telstra.net.
110.179.169.119
110.53.101.47
110.86.33.173 173.33.86.110.broad.xm.fj.dynamic.163data.com.cn.
110.92.189.95
110.92.190.185
111.40.166.130
111.75.199.85
111.79.129.215
112.119.43.127 n11211943127.netvigator.com.
112.122.4.174
112.160.58.149
112.185.149.217
112.25.171.119
112.35.2.230
112.85.214.111
113.103.160.75
113.106.4.2
113.165.255.134 localhost.
113.251.220.25
113.254.224.187
113.83.240.149
114.109.150.180 cm-114-109-150-180.revip13.asianet.co.th.
114.112.69.202
114.35.45.75 114-35-45-75.HINET-IP.hinet.net.
115.157.71.229
115.159.203.28
115.161.254.127
115.211.157.140
115.85.192.40
116.106.168.95
116.11.55.0
116.228.20.66
116.255.165.88
116.255.253.135
116.30.6.224
116.36.229.87
116.72.11.65
116.97.214.225
117.11.194.195 dns195.online.tj.cn.
117.167.118.148
117.192.206.162
117.223.20.119
117.88.187.3 3.187.88.117.broad.nj.js.dynamic.163data.com.cn.
117.92.182.213 213.182.92.117.broad.lyg.js.dynamic.163data.com.cn.
118.173.154.184 node-uk8.pool-118-173.dynamic.totbb.net.
118.180.10.30
118.193.31.182
118.91.37.32
119.10.9.38
119.126.161.38
119.140.228.231
119.167.49.191
119.29.83.197
120.236.31.18 www.xyjabest.com. mail.xyjabest.com.
120.60.2.218 triband-mum-120.60.2.218.mtnl.net.in.
120.77.144.244
121.177.220.155
121.199.23.80
121.225.29.48 48.29.225.121.broad.nj.js.dynamic.163data.com.cn.
121.227.142.203 203.142.227.121.broad.sz.js.dynamic.163data.com.cn.
121.234.245.244 244.245.234.121.broad.sq.js.dynamic.163data.com.cn.
121.238.167.165
121.254.204.8
122.114.215.35
122.114.217.101
122.114.217.199
122.114.235.235
122.114.241.238
122.114.248.59
122.114.34.91
122.116.197.101 122-116-197-101.HINET-IP.hinet.net.
122.121.190.76 122-121-190-76.dynamic-ip.hinet.net.
122.129.75.46 122-129-75-46.brain.net.pk.
122.167.100.0
122.191.218.90
122.193.35.165
122.235.180.50
122.7.71.187 187.71.7.122.broad.zz.sd.dynamic.163data.com.cn.
123.108.187.212
123.108.191.32
123.201.57.182 182-57-201-123.static.youbroadband.in.
123.207.109.42
123.207.110.50
123.207.153.163
123.207.179.161
123.207.184.228
123.207.24.234
123.207.243.233
123.207.93.125
123.207.98.112
123.238.66.161
123.241.7.90 123-241-7-90.cctv.dynamic.tbcnet.net.tw.
123.249.35.42
123.249.76.25
123.96.46.146 146.46.96.123.broad.zs.zj.dynamic.163data.com.cn.
124.117.189.12
124.120.17.31 ppp-124-120-17-31.revip2.asianet.co.th.
124.133.2.41
124.170.176.156 124-170-176-156.dyn.iinet.net.au.
124.205.10.130
124.244.51.254 124244051254.ctinets.com.
124.253.19.28
125.227.174.19 125-227-174-19.HINET-IP.hinet.net.
125.82.212.48
130.204.41.91 unknown.interbgc.com.
139.159.210.208
139.162.120.98 li1604-98.members.linode.com.
139.162.88.20 li1568-20.members.linode.com.
139.170.221.110
14.148.137.26
14.153.196.30
140.206.77.100
142.196.136.59 142-196-136-59.res.bhn.net.
143.137.44.45 143.137.44.45.hopnet.com.br.
147.0.105.110 rrcs-147-0-105-110.central.biz.rr.com.
148.255.35.21 21.35.255.148.d.dyn.claro.net.do.
151.40.162.149 adsl-ull-149-162.40-151.wind.it.
152.249.240.160 152-249-240-160.user.vivozap.com.br.
153.136.173.168 p1326168-ipngn201005tokaisakaetozai.aichi.ocn.ne.jp.
156.204.191.230 host-156.204.230.191-static.tedata.net.
162.144.83.30 amazipress.com.
163.177.14.155
164.52.7.130
167.0.242.167
171.249.159.203
171.251.64.75
173.172.1.23 cpe-173-172-1-23.tx.res.rr.com.
173.70.42.96 pool-173-70-42-96.nwrknj.fios.verizon.net.
173.72.117.201 pool-173-72-117-201.cmdnnj.fios.verizon.net.
175.100.89.206
175.118.197.32
175.174.137.197
176.49.51.195 b-internet.176.49.51.195.nsk.rt.ru.
176.58.236.123 adsl-123.176.58.236.tellas.gr.
177.140.17.32 b18c1120.virtua.com.br.
177.177.50.177 177-177-50-177.user.veloxzone.com.br.
177.182.119.20 b1b67714.virtua.com.br.
177.227.132.165 customer-QRO-132-165.megared.net.mx.
177.38.98.82 177-38-98-82.netway.psi.br.
177.81.203.28 b151cb1c.virtua.com.br.
177.82.150.20 b1529614.virtua.com.br.
177.85.37.219 219-37-85-177.customer.vialivre-msp.com.br.
177.96.0.24 177.96.0.24.dynamic.adsl.gvt.net.br.
178.157.242.172
178.239.219.160
178.46.56.232
179.159.144.171 b39f90ab.virtua.com.br.
179.187.241.66 179.187.241.66.dynamic.adsl.gvt.net.br.
179.215.45.252 b3d72dfc.virtua.com.br.
179.37.54.127 179-37-54-127.speedy.com.ar.
180.103.196.179
180.104.108.230
180.110.210.42
180.151.248.139 180.151.248.139.reverse.spectranet.in.
180.169.44.219
180.174.154.224
180.212.46.94
180.254.181.124
181.113.169.57 57.169.113.181.static.pichincha.andinanet.net.
181.122.148.251 pool-251-148-122-181.telecel.com.py.
181.168.188.39 39-188-168-181.fibertel.com.ar.
181.168.228.39 39-228-168-181.fibertel.com.ar.
181.196.213.167 167.213.196.181.static.pichincha.andinanet.net.
181.196.81.8 8.81.196.181.static.pichincha.andinanet.net.
181.21.141.232 181-21-141-232.speedy.com.ar.
181.211.143.14 14.143.211.181.static.pichincha.andinanet.net.
181.211.183.244 244.183.211.181.static.pichincha.andinanet.net.
181.27.165.77 181-27-165-77.speedy.com.ar.
181.27.205.86 181-27-205-86.speedy.com.ar.
182.18.22.44
182.19.205.119
182.61.26.88
183.104.106.164
183.136.213.116
183.141.143.105
183.142.196.57
183.206.8.206 206.8.206.183.static.js.chinamobile.com.
183.31.9.35
183.93.157.17
183.99.26.229
184.105.139.88 88.64-26.139.105.184.in-addr.arpa. scan-02e.shadowserver.org.
184.105.139.93 93.64-26.139.105.184.in-addr.arpa. scan-03e.shadowserver.org.
184.68.103.222
185.169.230.69 ; <<>> DiG 9.8.3-P1 <<>> -x 185.169.230.69 +short ;; global options: +cmd ;; connection timed out; no servers could be reached
185.173.146.3 185-173-146-3.smartnet.md.
185.22.136.214 136amplus214.amplus.net.pl.
185.35.62.216
185.94.111.1
186.134.6.140 186-134-6-140.speedy.com.ar.
186.146.61.117 static-ip-18614661117.cable.net.co.
186.207.7.30 bacf071e.virtua.com.br.
186.210.224.57 186-210-224-57.xd-dynamic.algarnetsuper.com.br.
186.47.220.64 64.220.47.186.static.pichincha.andinanet.net.
186.58.154.161 186-58-154-161.speedy.com.ar.
186.62.161.204 186-62-161-204.speedy.com.ar.
186.93.84.156 186-93-84-156.genericrev.cantv.net.
187.10.119.132 187-10-119-132.dsl.telesp.net.br.
187.136.167.235 dsl-187-136-167-235-dyn.prod-infinitum.com.mx.
187.190.53.190 fixed-187-190-53-190.totalplay.net.
187.214.5.92 dsl-187-214-5-92-dyn.prod-infinitum.com.mx.
187.72.252.40
188.115.186.217 188-115-186-217.broadband.tenet.odessa.ua.
188.16.112.104
188.16.112.40
188.16.28.171
188.19.57.2
188.53.60.77
188.85.120.63 static-63-120-85-188.ipcom.comunitel.net.
189.100.0.182 bd6400b6.virtua.com.br.
189.160.120.1 dsl-189-160-120-1-dyn.prod-infinitum.com.mx.
189.232.196.215 dsl-189-232-196-215-dyn.prod-infinitum.com.mx.
189.253.139.179 dsl-189-253-139-179-dyn.prod-infinitum.com.mx.
190.152.107.168
190.177.36.118 190-177-36-118.speedy.com.ar.
190.177.52.153 190-177-52-153.speedy.com.ar.
190.236.211.22
190.50.214.84 190-50-214-84.speedy.com.ar.
190.51.85.55 190-51-85-55.speedy.com.ar.
190.61.31.105 105.31.61.190.static.host.ifxnetworks.com.
190.66.105.22
191.178.23.217 bfb217d9.virtua.com.br.
191.248.108.178 191.248.108.178.dynamic.adsl.gvt.net.br.
191.43.26.234
191.81.154.123 191-81-154-123.speedy.com.ar.
191.83.65.212 191-83-65-212.speedy.com.ar.
192.114.66.213 bzq-114-66-213.cust.bezeqint.net.
193.232.171.45
195.154.71.193 195-154-71-193.rev.poneytelecom.eu.
195.31.219.17 host17-219-static.31-195-b.business.telecomitalia.it.
196.218.185.46 host-196.218.185.46-static.tedata.net.
199.192.205.162 ns9.openmindcreations.com.
2.139.234.44 44.red-2-139-234.staticip.rima-tde.net.
2.235.212.64 2-235-212-64.ip230.fastwebnet.it.
201.177.130.142 201-177-130-142.speedy.com.ar.
201.178.151.29 201-178-151-29.speedy.com.ar.
201.178.47.80 201-178-47-80.speedy.com.ar.
201.254.2.135 201-254-2-135.speedy.com.ar.
201.29.203.101 201-29-203-101.user.veloxzone.com.br.
201.52.88.148 c9345894.virtua.com.br.
202.100.179.141
202.116.65.42 lifescience.sysu.edu.cn.
202.38.84.37
202.71.4.192 dynamic-202.71.4.192.RK-Infratel.com.
202.91.239.252
203.154.91.162 203-154-91-162.inter.net.th.
203.195.130.151
203.195.147.204
203.195.161.108
203.195.168.43
203.195.171.168
203.195.199.83
203.195.235.148
203.221.31.19 203-221-031-19.tpgi.com.au.
204.12.206.234
208.100.26.228 ip228.208-100-26.static.steadfastdns.net.
208.66.25.99 25.66.208.web-pass.com.
210.201.90.92 210-201-90-92.static.apol.com.tw.
211.139.70.121
211.149.231.245
211.156.231.44
211.197.103.116
212.83.144.193 212-83-144-193.rev.poneytelecom.eu.
213.128.65.250 e34.gostiva.com.
213.195.146.176 213-195-146-176.static.ip.netia.com.pl.
213.32.7.73 ns3057609.ip-213-32-7.eu.
213.5.53.62 host-213-5-53-62.teleconnect.ru.
216.170.116.105
216.218.206.123 123.64-26.206.218.216.in-addr.arpa. scan-06n.shadowserver.org.
216.67.183.118 RVTNWYQCORTR1-FE0-0-118.HICAP.WYOMING.NET.
216.8.220.108 216.8.220.108.etczone.com.
217.114.210.185 h-217.114.210.185.keyweb.de.
217.197.240.117
218.109.166.225
218.2.197.240
218.206.167.50
218.206.240.53
218.57.48.12
218.6.173.43
218.61.148.22
218.88.245.200 200.245.88.218.broad.bz.sc.dynamic.163data.com.cn.
218.94.198.6
219.137.49.236 236.49.137.219.broad.gz.gd.dynamic.163data.com.cn.
219.154.181.11 hn.kd.jz.adsl.
219.222.65.172
219.234.135.113
219.255.132.92
219.84.169.97 219-84-169-97.static.so-net.net.tw.
220.178.71.156
220.85.169.58
221.1.19.20
221.13.0.198
221.156.145.216
221.176.153.147
221.194.44.240
221.224.163.242
221.230.38.172
222.118.228.237
222.132.52.195
222.175.38.164
222.186.3.229
222.186.34.48
222.186.50.76
222.34.133.25
222.73.136.134
222.77.27.203 203.27.77.222.broad.qz.fj.dynamic.163data.com.cn.
222.82.31.95
222.92.183.234
222.94.42.238
222.96.190.71
223.65.36.160 160.36.65.223.static.js.chinamobile.com.
223.66.106.58 58.106.66.223.static.js.chinamobile.com.
223.81.193.121
223.84.128.17
23.118.116.128 23-118-116-128.lightspeed.mmphtn.sbcglobal.net.
23.254.201.51 hwvps162940.hostwindsdns.com.
24.193.7.236 cpe-24-193-7-236.nyc.res.rr.com.
24.217.109.233 24-217-109-233.dhcp.stls.mo.charter.com.
24.232.215.7 OL7-215.fibertel.com.ar.
24.35.131.108 24-35-131-108.fidnet.com.
27.118.28.244
27.225.70.32
27.49.208.7
27.78.211.112 localhost.
31.162.173.195
31.162.36.109
31.168.159.231 bzq-159-168-31-231.red.bezeqint.net.
31.192.187.127 127.187-192-31.telenet.ru.
31.204.108.84
31.41.228.216 31.41.228.216.sunnet.net.ru.
31.42.57.2 2-57-42-31.merlin.ua.
36.111.203.145
37.115.106.205 37-115-106-205.broadband.kyivstar.net.
37.229.250.144 37-229-250-144.broadband.kyivstar.net.
37.61.219.117
39.108.12.215
41.135.120.36 41-135-120-36.dsl.mweb.co.za.
41.226.255.94
42.51.193.10 htuidc.bgp.ip.
42.51.203.21 htuidc.bgp.ip.
42.95.163.115
43.243.128.21
43.243.213.172
45.55.0.10 worker-05-31-33.stretchoid.com.
45.55.6.104 worker-05-31-80.stretchoid.com.
46.185.163.8 46.185.x.8.go.com.jo.
46.209.192.115
46.235.80.106
46.236.109.197 46-236-109-197.customer.t3.se.
46.236.91.20 46-236-91-20.customer.t3.se.
46.237.82.223 46-237-82-223.pz.ddns.bulsat.com.
46.36.64.78
46.38.160.7 ihlondon.com.
46.98.185.137 137.185.dyn.PPPoE.fregat.ua.
47.156.138.212
47.199.10.154
49.204.135.244 broadband.actcorp.in.
49.205.149.246 broadband.actcorp.in.
49.205.159.96 broadband.actcorp.in.
49.205.197.88 broadband.actcorp.in.
49.206.249.43 broadband.actcorp.in.
49.64.243.195
5.140.149.151
5.206.182.5 apn-5-206-182-5.vodafone.hu.
5.8.48.13
5.8.49.21
50.173.255.252 c-50-173-255-252.hsd1.ca.comcast.net.
50.198.226.168 50-198-226-168-static.hfc.comcastbusiness.net.
50.32.148.148
52.173.199.53
54.174.161.76 ec2-54-174-161-76.compute-1.amazonaws.com.
58.164.2.163 CPE-58-164-2-163.lnse5.ken.bigpond.net.au.
58.213.31.142
58.214.91.111
58.221.237.158
58.245.198.159 159.198.245.58.adsl-pool.jlccptt.net.cn.
58.251.76.195 reverse.gdsz.cncnet.net.
58.63.245.131
59.111.96.16
59.125.45.24 59-125-45-24.HINET-IP.hinet.net.
59.126.193.244 59-126-193-244.HINET-IP.hinet.net.
59.126.7.2 59-126-7-2.HINET-IP.hinet.net.
59.127.34.163 59-127-34-163.HINET-IP.hinet.net.
59.38.212.130 130.212.38.59.broad.fs.gd.dynamic.163data.com.cn.
59.46.0.79 79.0.46.59.broad.sy.ln.dynamic.163data.com.cn.
59.63.188.2
59.72.29.161
60.10.194.20
60.168.51.109
60.191.38.78
60.195.250.65
60.231.125.226 CPE-60-231-125-226.lns5.cha.bigpond.net.au.
60.250.133.224 60-250-133-224.HINET-IP.hinet.net.
61.129.70.243 ; <<>> DiG 9.8.3-P1 <<>> -x 61.129.70.243 +short ;; global options: +cmd ;; connection timed out; no servers could be reached
61.136.70.164 164.70.136.61.ha.cnc.
61.139.124.136
61.14.208.44
61.152.154.115
61.155.106.222
61.160.254.19
61.182.57.141
61.216.64.116 61-216-64-116.HINET-IP.hinet.net.
61.222.213.190 61-222-213-190.HINET-IP.hinet.net.
61.228.116.198 61-228-116-198.dynamic-ip.hinet.net.
61.92.253.62 061092253062.ctinets.com.
62.210.189.248 62-210-189-248.rev.poneytelecom.eu.
62.210.28.227 62-210-28-227.rev.poneytelecom.eu.
62.217.223.149
68.109.127.119 ip68-109-127-119.ri.ri.cox.net.
68.191.217.198 68-191-217-198.static.dntn.tx.charter.com.
68.196.241.26 ool-44c4f11a.dyn.optonline.net.
68.228.153.209 ip68-228-153-209.ri.ri.cox.net.
69.121.55.154 ool-4579379a.dyn.optonline.net.
69.69.131.196 fl-69-69-131-196.sta.embarqhsd.net.
70.127.62.161 70-127-62-161.res.bhn.net.
72.251.243.206
72.252.231.225
73.168.31.143 c-73-168-31-143.hsd1.il.comcast.net.
74.109.20.225 pool-74-109-20-225.phlapa.fios.verizon.net.
74.130.109.201 cpe-74-130-109-201.kya.res.rr.com.
74.3.187.36
74.66.66.58 cpe-74-66-66-58.nyc.res.rr.com.
74.90.49.147 ool-4a5a3193.dyn.optonline.net.
76.169.21.67 cpe-76-169-21-67.socal.res.rr.com.
76.218.9.49 76-218-9-49.lightspeed.sntcca.sbcglobal.net.
76.72.204.95
77.234.17.75 pppoe-77-234-17-75.kosnet.ru.
77.77.77.5
78.131.198.98 78-131-198-98.tktelekom.pl.
78.138.117.2 v23460.domainxyz.de.
78.172.227.154 78.172.227.154.dynamic.ttnet.com.tr.
78.187.2.40 78.187.2.40.dynamic.ttnet.com.tr.
78.42.67.247 HSI-KBW-078-042-067-247.hsi3.kabel-badenwuerttemberg.de.
80.229.158.93 jwilson1999.plus.com.
80.82.70.26 vicnovo7x026.securolytics.io.
81.10.121.169 host-81.10.121.169.tedata.net.
81.198.179.140
81.214.125.151 81.214.125.151.dynamic.ttnet.com.tr.
82.102.8.244 h82-102-8-244.host.redstation.co.uk.
82.142.77.154 154.77.142.82.static.b26.cz.
83.209.255.17 h83-209-255-17.cust.se.alltele.net.
84.109.38.78 bzq-84-109-38-78.cablep.bezeqint.net. bzq-84-109-38-78.red.bezeqint.net.
84.47.157.46
85.102.10.131 85.102.10.131.dynamic.ttnet.com.tr.
85.11.23.113 85-11-23-113.mariedal.ac.
85.157.25.6 z6.ip1.netikka.fi.
85.96.183.219 85.96.183.219.dynamic.ttnet.com.tr.
86.122.192.80 static-86.122.192.80.targujiu.rdsnet.ro.
86.124.84.158 client.rdsnet.ro.
86.35.26.109
86.6.124.90 cpc81826-swin19-2-0-cust89.3-1.cable.virginm.net.
87.119.65.98 87.119.65.98.client.entry.bg.
88.150.253.145 h88-150-253-145.host.redstation.co.uk.
88.247.42.225 88.247.42.225.dynamic.ttnet.com.tr.
88.97.99.195 88-97-99-195.dsl.in-addr.zen.co.uk.
88.98.90.19 88-98-90-19.dsl.in-addr.zen.co.uk.
90.151.129.24
91.148.72.107 107-72-148-91.bsbnet.net.
91.197.220.110
91.197.233.11
91.197.234.40
91.197.234.79
91.23.93.56 p5B175D38.dip0.t-ipconnect.de.
91.230.47.4
91.84.11.235
91.93.61.128 host-91-93-61-128.reverse.superonline.net.
92.112.121.191 191-121-112-92.pool.ukrtel.net.
92.252.242.166
92.72.30.157 dslb-092-072-030-157.092.072.pools.vodafone-ip.de.
93.153.41.222 93-153-41-222.tmcz.cz.
94.22.139.255 c511.ip16.netikka.fi.
94.249.127.4
94.254.8.204 h-8-204.A268.priv.bahnhof.se.
95.6.45.48 95.6.45.48.static.ttnet.com.tr.
95.76.229.16
95.86.142.44 host-95-86-142-44.smart.az.
96.126.13.216
96.83.210.123 96-83-210-123-static.hfc.comcastbusiness.net.
96.84.27.206 96-84-27-206-static.hfc.comcastbusiness.net.
96.86.100.14 96-86-100-14-static.hfc.comcastbusiness.net.
96.87.122.123 96-87-122-123-static.hfc.comcastbusiness.net.
96.90.33.42 96-90-33-42-static.hfc.comcastbusiness.net.