Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Fwd: TCP Port 42 port scans? What the heck over...
From: wastedimage <wastedimage () gmail com>
Date: Thu, 16 Dec 2004 14:32:44 -0600

I'm just curious if its moved past the scanning phase and someone is
actively trying to exploit a box.  A quick look at any traffic would
answer this.


On Thu, 16 Dec 2004 15:18:47 -0500, Valdis.Kletnieks () vt edu
<Valdis.Kletnieks () vt edu> wrote:
On Tue, 14 Dec 2004 16:33:59 CST, wastedimage said:
can anyone provide me with a traffic sample of this?  I would really
like to see if this is the actual exploit or just a script kiddy
trying his little heart out.

What's this '*THE* actual exploit' stuff? These things are rarely unique ;)

And how do you count "script kiddy with *some other* actual exploit that
happens to have the wrong offset for the SP you happen to be running"?

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]