Re: Port 901
From: armin walland (geschrei_at_gmx.at)
Date: Sun, 19 Oct 2003 04:13:40 GMT
Mungo <firstname.lastname@example.org> wrote:
> If the increased traffic persists, I might sample a few tomorrow or Monday
> and see if the fingerprint looks new. Sounds like someone could be testing
> a new exploit.
nothing unusual here (austria),
root # wc -l messages
root # grep -c DPT=901 messages
> Meanwhile, it goes without saying that everyone running Samba should make
> sure Port 901 is firewalled off.
A) should not be running swat
B) should not run a fileserver on system accessable from the internet
-- my life, my universe, my everything http://www.dtch.org