Firewall Wizards mailing list archives
Re: UDP: port 31790 -> 31789
From: John Ladwig <jladwig () nts umn edu>
Date: Tue, 16 Nov 1999 10:25:05 -0600 (CST)
[Charset iso-8859-1 unsupported, filtering to ASCII...]
hello all, our firewall logs a lot of packets, coming in from port 31790 to port 31789, udp protocol. it seems to be a quite usual scan attack. has anybody encountered anything equal or can anybody explain to me, what kind of software the possible attacker is expecting at port 31789? any hints are greatly appreciated
Scuttlebutt from other parts of my institution is there are ports in that range (tcp and udp) that are commonly mapped to RPC services like ypserv on Solaris. There may be others, naturally. We see scans/probes on these ports pretty regularly. -jml
Current thread:
- UDP: port 31790 -> 31789 Jan Stifter (Nov 16)
- Re: UDP: port 31790 -> 31789 John Ladwig (Nov 17)
- Re: UDP: port 31790 -> 31789 Shane Macaulay (Nov 18)
- <Possible follow-ups>
- Re: UDP: port 31790 -> 31789 Robert Graham (Nov 17)