SOCKs Proxy requests
Every once in a while I see a SOCKS proxy server request in my log files. I don’t have a SOCKS proxy server and no one should ever think that I do. Therefore the only conclusion I can come to is that any traffic on port 1080, which is desiginated for SOCKS is a hacker. I personally suggest that unless you have a SOCKS server in your organization that you block, ban or disable any traffic from any IP address that makes wanted requestions on port 1080 and do it on the first offense. Make sure that any hackers known and understand that they are not welcome and they will not return. If the problem is being generated by a virus or spyware eventually the person will get the problem resolved. Especially if they start getting thier IP banned from everywhere. So clearing your ban list every week or month is not too bad and idea.
