Somebody port scanned me on ports 33463, 33464, 33465, and 33467 and an instant later somebody scanned 33459, 33460, 33461, and 33463
170.224.176.50
170.224.176.49
From these two IP's. I backtraced them and it tells me its IBM.
OrgName: IBM
OrgID: IBM-1
Address: IBM Raleigh - IP Services Team
Address: 3039 Cornwallis Road
City: Reserach Triangle Park
StateProv: NC
PostalCode: 27709-2195
Country: US
NetRange: 170.224.0.0 - 170.227.255.255
CIDR: 170.224.0.0/14
NetName: IBM-COMMERCIAL
NetHandle: NET-170-224-0-0-1
Parent: NET-170-0-0-0-0
NetType: Direct Assignment
NameServer: RTPUSSXDNSB03.RALEIGH.MEBS.IHOST.COM
NameServer: RTPUSSXDNSB04.RALEIGH.MEBS.IHOST.COM
NameServer: BLDUSWXDNSB01.BOULDER.MEBS.IHOST.COM
NameServer: BLDUSWXDNSB02.BOULDER.MEBS.IHOST.COM
Comment:
RegDate: 1995-04-21
Updated: 2005-06-03
OrgTechHandle: NOCTE3-ARIN
OrgTechName: NOC Team
OrgTechPhone: +1-999-999-9999
OrgTechEmail:
noc@ibm.com
Why in hell would someone from IBM be port scanning me? Then my firewall blocked out traffic from both IP's for 600 seconds.
I'm just kind of curious, it seems as if someone tried to do a bad attack, but from IBM?? What do you think it is?