|
Security Incidents
mailing list archives
RE: scans on port 57
From: "Vince Hillier" <vdh () plutonium homeunix com>
Date: Wed, 13 Nov 2002 05:09:00 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Check out this link:
http://online.securityfocus.com/archive/75/299560/2002-11-10/2002-11-16/0
Vince Hillier
vdh () plutonium homeunix com
http://plutonium.homeunix.com
- - -----Original Message-----
From: Ingersoll, Jared [mailto:jared () cswv com]
Sent: Tuesday, November 12, 2002 5:01 AM
To: incidents () securityfocus com
Subject: scans on port 57
I'm seeing a lot of blocked scans on port 57 in my firewall logs, many times
in conjunction with a port 80 or port 21 scan. I was working under the
assumption that these were related to a misconfigured port scanner, but I'm
seeing them from a pretty diverse set of source addresses, so now I'm
curious what they're looking for.
jared
- - ----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0 (Build 349) Beta
iQA/AwUBPdJO7EBtW3tWqkVxEQKLyACgr4f83aUkLAQYJSx/D4ZgCHorHG8AoJkL
3FsYVQmy7cuVYGMEtloZ6b9a
=hcAy
-----END PGP SIGNATURE-----
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
 By Date 
By Thread
Current thread:
|
Intro
