|
Full Disclosure
mailing list archives
Re: Anyone else exoeriencing blasts o' port 6129 TCP?
From: "Rob Schrack" <rob_schrack () urmc rochester edu>
Date: Sat, 3 Jan 2004 18:04:27 -0500
Oh yeah... just after Christmas, 6129 accounted for maybe 25% of the packets
we submitted to dshield. In the past 5 days, they've accounted for nearly
1/2 of two million plus packets.
I've been wonderin' if anyone else had been seeing it....
----- Original Message -----
From: "Jim Race" <caferace () well com>
To: "LC" <full-disclosure () lists netsys com>
Sent: Saturday, January 03, 2004 12:37 PM
Subject: [Full-disclosure] Anyone else exoeriencing blasts o' port 6129 TCP?
I noticed some action the previous 48 hours, and on checking logs this
morning it seems that port 6129 (DameWare Remote Admin) was the common
factor. ISC seems to have it on the top of their trends list:
http://isc.sans.org/top10.html
hmmmm.
-jim
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
 By Date 
By Thread
Current thread:
| 
Intro
