Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Incidents: RE: Scanning Port UDP 4668

RE: Scanning Port UDP 4668

From: Ken Grossman <kgrossman_at_dazzling.com>
Date: Tue, 06 Aug 2002 11:30:55 -0400

I wish to thank every one who provided information and suggested steps to
me. As I stated in the original e-mail message, I was interested in
finding out what the systems were looking for since the scans were being
stopped at the perimeter. The organization that originally brought the
information to my attention believes the following is the source of these
scans.

There's a P2P utility called EDonkey that uses UDP 466x and allows any
edonkey user to publish an IP and port of a peer. Apparently, someone
mistyped an IP address; hence the scans.

Again thanks to everyone for their assistance.

Ken Grossman, CISSP
kgrossman_at_dazzling.com
(202) 401-7142

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
Received on Aug 06 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos