<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Security Incidents: Re: ingreslock message

Re: ingreslock message

From: H D Moore <hdm_at_SECUREAUSTIN.COM>
Date: Tue, 7 Mar 2000 13:05:29 -0600

Ingreslock is the most common port that crackers put thier rootshells
on, because the majority of system admins don't know what it is and may
overlook it easily. It was probably just some script kiddie (or
"security consultant" who knows these days) scanning for forgotten
rootshells.

-HD

Dino Amato wrote:
>
> I logged this:
> Mar 5 15:58:23 monitor tcplogd: ingreslock connection attempt from unknown_at_sleipnir1.cs.ucl.ac.uk
> what does the ingreslock mean and what was this person trying to do?
> Thanks
Received on Mar 07 2000

This message: [ Message body ]
Next message: Eric Maiwald: "Re: ingreslock message"
Previous message: Robert Graham: "Re: ingreslock message"
In reply to: Dino Amato: "ingreslock message"
Next in thread: Eric Maiwald: "Re: ingreslock message"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos