|
Security Incidents
mailing list archives
Re: increase of scans against port 1524
From: Drew Schaffner <drew () bioeng ucsd edu>
Date: Wed, 5 Jun 2002 10:37:15 -0700 (PDT)
Another great reference for port searching is:
http://andrew.triumf.ca/cgi-bin/port
On Wed, 5 Jun 2002, GrdnWsl wrote:
AFAIK, this port is also used for the Trinoo trojan. I've been seeing
some scans on my on this port in my netblock as well... not too many,
but some. Although, I haven't really seen an increase per se. Anyhow,
you might want to check out www.neohapsis.com. They have, somewhere on
their site (can't remember where exacly) a list of ports and what
viruses/trojans/worms run on them. They also have a version in
/etc/services format. It's come in handy to figure out why a particular
port is being scanned.
High Speed wrote:
Hi,
last 2 days I noticed an increased scan against port 1524
ingreslock 1524/tcp ingres
ingreslock 1524/udp ingres
Are there known issues with this port ?
Recently found vulnerabilities ?
thanks
HS
_________________________________________________________________
Send and receive Hotmail on your mobile device: http://mobile.msn.com
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management and
tracking system please see: http://aris.securityfocus.com
--
Drew Schaffner
Department of Bioengineering
University of California San Diego
perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
 By Date 
By Thread
Current thread:
|
Intro
