Re: Exploit on tcp/4128?
From: Doug Rutherford (druther_at_yukoncollege.yk.ca)
Date: Mon, 14 Feb 2005 15:52:04 -0800 To: email@example.com
David Gillett wrote:
> 3128 is a commonly-scanned proxy port. Maybe it's a typo?
3128 is actually the port used for Squid. The Reverse WWW Tunnel (tcp) and Ring Door (tcp
and udp) trojans also use this port.
There is a note on the ISC web site
that suggests that the MyDoom worm may also use this port if 3127 (its default) is in use
for something else.
Hope this is of some help...
-- Doug Rutherford Professional Studies Division Yukon College, PO Box 2799, Whitehorse, YT, Y1A 5K4