Re: [Full-Disclosure] big activity

From: coderman (coderman_at_charter.net)
Date: 12/03/03

Next message: Tri Huynh: "[Full-Disclosure] Yahoo Instant Messenger YAUTO.DLL buffer overflow"

Previous message: Nick FitzGerald: "Re: [Full-Disclosure] Increase probe on UDP port 1026"
In reply to: misiu__at_gmx.de: "[Full-Disclosure] big activity"
Next in thread: misiu__at_gmx.de: "Re: [Full-Disclosure] big activity"
Reply: misiu__at_gmx.de: "Re: [Full-Disclosure] big activity"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: full-disclosure@lists.netsys.com
Date: Tue, 02 Dec 2003 19:31:22 -0800

misiu_@gmx.de wrote:

>...
>BitTorrent protocol header has been detected
>... A BitTorrent
>protocol header has been detected on a default BitTorrent port. This
>signature detects attempts to connect to one of the default BitTorrent ports
>(6881-6889)
>Does anyone seeing this too?
>
>
Two questions:

1. are you on a dynamic IP address? The bittorrent tracker will cache
peer information for an arbitrarily long amount of time.

2. are you using any p2p software or other application that might be
using bittorrent under the hood?

In either case, this should be merely annoyance, and not represent
any kind of attack or potential danger.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: Tri Huynh: "[Full-Disclosure] Yahoo Instant Messenger YAUTO.DLL buffer overflow"

Previous message: Nick FitzGerald: "Re: [Full-Disclosure] Increase probe on UDP port 1026"
In reply to: misiu__at_gmx.de: "[Full-Disclosure] big activity"
Next in thread: misiu__at_gmx.de: "Re: [Full-Disclosure] big activity"
Reply: misiu__at_gmx.de: "Re: [Full-Disclosure] big activity"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]