Surge of attacks on ports 61127 & 61134
From: Joseph (joseph@netSecureLabs.CA)Date: 07/25/02
- Previous message: David Conrad: "Re: Bind 9.2.X exploit???"
- In reply to: David Conrad: "Re: Bind 9.2.X exploit???"
- Next in thread: Joseph: "Re: Surge of attacks on ports 61127 & 61134"
- Reply: Joseph: "Re: Surge of attacks on ports 61127 & 61134"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 25 Jul 2002 14:55:33 -0400 (EDT) From: Joseph <joseph@netSecureLabs.CA> To: incidents@securityfocus.com
This morning my logs showed me a surge of new UDP packets attacks, mainly
to ports 61127 & 61134 . I can't find any info on this, so I'm wondering
what it can be.
It seems very well known, if I can say, because source IPs are from
everywhere, I must have gotten a good 50-80 probes.
I see alot different *dip.t-dialin.net orgin sources, which
*dip.t-dialin.net seems to make the top 10 attack list at dshield and
incidents' website.
Curious, new virus? or attack tool?
I don't have a log of the packet, justs its denial attempt. Normally, all
my attacks are standard stuff, this pops out like really new...
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: David Conrad: "Re: Bind 9.2.X exploit???"
- In reply to: David Conrad: "Re: Bind 9.2.X exploit???"
- Next in thread: Joseph: "Re: Surge of attacks on ports 61127 & 61134"
- Reply: Joseph: "Re: Surge of attacks on ports 61127 & 61134"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
