Vulnerability Development: Possible probe of port 137 using udp 50?????

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Possible probe of port 137 using udp 50?????

From: Carder James O CNIN CONT <CarderJO () cninexchsrv08 crane navy mil>
Date: Mon, 13 Aug 2001 08:10:04 -0500

Hi Everybody,

        Just got a quick question.  I was reviewing logs on my shadow box
and noticed that for a period of a couple hours we had packet conversation
between two hosts ( one local and one remote ) through port 137 using udp
50.  My PIX acl's dont have any ruleset to allow this network in at all
except through say port 80 to our web servers.  Is this a known attack or
probe?  Thanks.

James Carder

By Date By Thread

Current thread:

Possible probe of port 137 using udp 50????? Carder James O CNIN CONT (Aug 13)
- <Possible follow-ups>
- RE: Possible probe of port 137 using udp 50????? Skinner, Kit (Aug 13)