RE: Probes to strange ports
From: Kinsey, Robert (Robert.Kinsey@Veridian.com)Date: 03/07/02
- Previous message: Kenneth Wilson: "Probes to strange ports"
- Maybe in reply to: Kenneth Wilson: "Probes to strange ports"
- Next in thread: H C: "RE: Probes to strange ports"
- Reply: H C: "RE: Probes to strange ports"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Kinsey, Robert" <Robert.Kinsey@Veridian.com> To: "'Kenneth Wilson '" <barney458@hotmail.com>, "'incidents@securityfocus.com '" <incidents@securityfocus.com> Date: Wed, 6 Mar 2002 16:24:09 -0800
Kenneth,
Same results looking for those ports. Can you explain the activity a little
further?
What KIND of traffic are you seeing on these ports? Are they to one
particular system? If so, have you run any analysis tools on it (i.e.
TDImon, or FileMon, etc...)?
Is there any kind of consistency to the packets? Are they all TCP or is
there UDP as well? Is it at a certain time? What kind of systems are you
seeing the activity on? OS? versions? Apps involved (if identified)?
Rob
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: Kenneth Wilson: "Probes to strange ports"
- Maybe in reply to: Kenneth Wilson: "Probes to strange ports"
- Next in thread: H C: "RE: Probes to strange ports"
- Reply: H C: "RE: Probes to strange ports"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
