Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Incidents: ftp scans and socks

ftp scans and socks

From: Mark Borrie <mark_at_gandalf.otago.ac.nz>
Date: Wed, 1 Aug 2001 17:07:49 +1200

Hi all

I am watching a solaris system that appears to be conducting ftp scans of
remote IPs. Looking at the traffic to and from our system I am seeing a
socks port (1080) connection immediately prior to each attempted ftp
connection.

Does any one know of any expoits that use sockd to carry out ftp (or other)
scans?

Mark. 

--
Mark Borrie
Systems Support Specialist and IT Security Officer,
Information Technology Services, University of Otago,
Dunedin, N.Z.
Ph +64 3 479-8395, Fax +64 3 479-5080
For information on email virus hoaxes see
http://HoaxBusters.ciac.org/
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Received on Aug 01 2001
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos