[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Constant connection attempts port 25, 587, 465

Posted on 2011-10-12
4
Medium Priority
?
357 Views
Last Modified: 2012-05-12
Hello. We recently purchased an ASA 5510 and opened up mail.domain.com to outlook web access

I am seeing constant connection attempts from 32.174.168.27, random ports on their side, ports 25, 587, 465 on ours. Connections are denied by access list because only port 443 forwards, but I have been seeing these for a few days, just straight "deny"..

I checked, and config looks correct, I can't telnet or connect to any of those ports - so if that's the case, why does the other party keep probing?

the exact deny message I see in adsm is "deny tcp src outside:32.174.168.27/49555 dst inside:owaserver.internal.domain/587 by access-group "INCOMING"

Connections are bouncing off as it should it seems, but worried anyway? Any way to block that IP all together so it wouldn't even show up on the logs (I do have an ip deny <address> in the INCOMING acl for that ip)

Thanks..

Thanks
0
Comment
Question by:arthurk123
  • 2
  • 2
4 Comments
 
LVL 84

Accepted Solution

by:
Dave Baldwin earned 2000 total points
ID: 36959791
It looks like it is coming from a cell phone at "mobile-032-174-168-027.mycingular.net".  Could it be one of your users trying to connect?
0
 

Author Comment

by:arthurk123
ID: 36962571
excellent observation, you deserve points just for that. I'll look into it

As far as the question is concerned - if I'm seeing repetitive attempts that are denied, is that of any concern?
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 36963257
Repetitive attempts are a concern.  That tells me that either someone is trying to break in or one of your users can't figure out how to access their account properly.
0
 

Author Comment

by:arthurk123
ID: 36963355
Thank you
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This past year has been one of great growth and performance for OnPage. We have added many features and integrations to the product, making 2016 an awesome year. We see these steps forward as the basis for future growth.
Considering cloud tradeoffs and determining the right mix for your organization.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question