Re: Strange back-orifice looking scan...
From: Jeff Kell (jeff-kell@utc.edu)Date: 09/05/02
- Previous message: KoRe MeLtDoWn: "Re: Strange back-orifice looking scan..."
- In reply to: KoRe MeLtDoWn: "Re: Strange back-orifice looking scan..."
- Next in thread: Neil Dickey: "Re: Strange back-orifice looking scan..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 04 Sep 2002 22:32:09 -0400 From: Jeff Kell <jeff-kell@utc.edu> To: KoRe MeLtDoWn <koremeltdown@hotmail.com>
KoRe MeLtDoWn wrote:
>
> Hey Jeff,
> Port 1214 used by Kazaa aka Morpheus, this is obviously the remote port that
> the "scanner" is using. Port 31336 IS used by Back Orifice 2000 aka BO2k aka
> DeepBO (this is a special release of BO btw).
But this is UDP, not TCP.
> however they are
> actively portscanning either your network I wasnt sure if it was a network
> you had) or just your lone box.
It is an overloaded NAT, not a lone box.
Jeff
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: KoRe MeLtDoWn: "Re: Strange back-orifice looking scan..."
- In reply to: KoRe MeLtDoWn: "Re: Strange back-orifice looking scan..."
- Next in thread: Neil Dickey: "Re: Strange back-orifice looking scan..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
