PopAdStop (was dst port 1026)

From: Johannes B. Ullrich (jullrich_at_sans.org)
Date: 12/05/03

Next message: Jeff Bryner: "RE: udp and dst port 1026"

Previous message: Jeff Kell: "Re: Flood of bad DNS queries"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: incidents@securityfocus.com
Date: Thu, 04 Dec 2003 23:10:29 -0500

An old version of 'PopAdStop' (last weeks at least) did contain code to
scan port 1026/30 and if it found it open, it sent the ad for the
software.

For a couple traces and such, see
http://isc.sans.org/diary.html

-- 
CTO SANS Internet Storm Center               http://isc.sans.org
phone: (617) 786 1563            
  fax: (617) 786 1550                          jullrich@sans.org

application/pgp-signature attachment: This is a digitally signed message part

Next message: Jeff Bryner: "RE: udp and dst port 1026"

Previous message: Jeff Kell: "Re: Flood of bad DNS queries"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]