RE: Port UDP 3049
From: Ryan Russell (ryan@securityfocus.com)Date: 03/11/02
- Previous message: Patrick Andry: "Re: SMTP Probe/Attack?"
- In reply to: Paulo.Sedrez@weavers.com.br: "RE: Port UDP 3049"
- Next in thread: Thomas Akin: "Re: Port UDP 3049"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 11 Mar 2002 09:39:19 -0700 (MST) From: Ryan Russell <ryan@securityfocus.com> To: Paulo.Sedrez@weavers.com.br
On Mon, 11 Mar 2002 Paulo.Sedrez@weavers.com.br wrote:
> 3049 is the CFS - Cryptografic File System - service port. Those scans are
> probably probing for some weak - or absent - password for a file system.
What I'm looking at is a virus that was posted to vuln-dev last week:
http://online.securityfocus.com/archive/82/259719
I realize that 3049 is used for CFS, but what I'm looking for is a
specially-formatted UDP packet that is designed to send commands to the
backdoor this virus installs.
Ryan
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: Patrick Andry: "Re: SMTP Probe/Attack?"
- In reply to: Paulo.Sedrez@weavers.com.br: "RE: Port UDP 3049"
- Next in thread: Thomas Akin: "Re: Port UDP 3049"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
