Re: Strange scan on 1433
From: dr john halewood (john@frumious.unidec.co.uk)Date: 05/21/02
- Previous message: Lee_Fisher@NAI.com: "RE: Increased connects to Port 1433"
- In reply to: Pavel Lozhkin: "Strange scan on 1433"
- Next in thread: Jason Robertson: "Re: Strange scan on 1433"
- Next in thread: Dias Sgt Kristin F: "RE: Strange scan on 1433"
- Reply: Jason Robertson: "Re: Strange scan on 1433"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: dr john halewood <john@frumious.unidec.co.uk> To: incidents@securityfocus.com Date: Tue, 21 May 2002 16:30:01 +0100
On Tuesday 21 May 2002 2:38 pm, Pavel Lozhkin wrote:
> I got a lot of scans today on port 1433 from numerous nets (part of them
> are .jp and .kr, but not all)
> Does anyone know what they're looking for on the port ?
> I've never been scanned on the port before.
I'm getting a lot of these as well. 1433 is the Microsoft SQL server port.
There's a number of tools doing the rounds at the moment looking for the all
too common ms-sql servers with blank sa (database admin) passwords, as well
as a few that exploit vulnerabilities in unpatched servers.
cheers
john
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: Lee_Fisher@NAI.com: "RE: Increased connects to Port 1433"
- In reply to: Pavel Lozhkin: "Strange scan on 1433"
- Next in thread: Jason Robertson: "Re: Strange scan on 1433"
- Next in thread: Dias Sgt Kristin F: "RE: Strange scan on 1433"
- Reply: Jason Robertson: "Re: Strange scan on 1433"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
