|
Security Incidents
mailing list archives
Re: New script-kiddie looking scan
From: Chris Ess <azarin () tokimi net>
Date: Tue, 18 Jun 2002 19:27:04 -0400 (EDT)
WinAmp leaves me baffled. Maybe someone can answer that part of the
equation.
Often people with cable or dsl download a lot of mp3's because the bandwith is available.
Perhaps also waiting for a winamp hole to surface for use with ddos nets? Perhaps one
already exists which isn't known?
The problem is that Winamp doesn't listen on 8000 normally -- at least in
my experience. Shoutcast servers (used for streaming mp3s for such things
as Internet 'radio stations') listen on ports 8000 to 8002. At the
beginning of this month, a remote buffer overflow vulernability was
announced for Shoutcast 1.8.9. The link is below:
http://online.securityfocus.com/bid/4934
Also, I have seen several proxies use port 8000 instead of 8080, so that
may be what the parties responsible are looking for.
Hope this helps.
Sincerely,
Christopher Ess
System Administrator / CDTT (Certified Duct Tape Technician)
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
 By Date 
By Thread
Current thread:
Re: DOS by Flooding a Network Skip Carter (Jun 17)
Re: DOS by Flooding a Network W.G. Iyer (Jun 17)
| 
Intro
