|
Security Incidents
mailing list archives
Re: Keep connecting to remote host on port 7869
From: Anthony LaMantia <contact () bia-security com>
Date: 25 Oct 2002 21:45:04 -0500
do you have a dump of the data inside the packet? port 7869 is the
default port of php debugger i dont know how that is helpfull to you but
data dump would help
Anthony LaMantia
http://www.bia-security.com
On Thu, 2002-10-24 at 22:04, Frank Cheong wrote:
I got a question with my redhat linux host (which is a mail host) keep
connecting to other remote host quite frequently on remote port 7869 and I
m receiving these firewall log almost every minutes. Could someone give me
hints so that I can further isolate the problem or trim down the scope to
find out the real cause.
Below is the firewall log (IP address being modified) :
10/23/2002 11:13:36.640 - TCP connection dropped -
Source:123.123.123.123, 51321, LAN -
Destination:234.234.234.234, 7869, WAN - Type: 786 -
Rule 66
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
 By Date 
By Thread
Current thread:
| 
Intro
