Firewall Wizards mailing list archives
Re: patternmatch for scan
From: "Chuck Swiger" <chuck () codefab com>
Date: Tue, 22 Feb 2000 15:23:11 -0500
On Sat, 19 Feb 2000 08:56:21 -0500, Kenneth_W_Fox () sbphrd com wrote:
Is anyone familiar with an attack or probe which begins or ends with scanning only ports 3128 & 8080 on a target box? I've been seeing alot of this lately in various places.
3128 is the default port used by the Squid web proxy; 8080 is another common port used either by a web server run by a normal user (as opposed to port 80, which requires root) or as another common port for proxying. -Chuck Chuck 'Sisyphus' Swiger | chuck () codefab com | Bad cop! No Donut. ------------------------+-------------------+-------------------- I know that you are an optimist if you think I am a pessimist....
Current thread:
- RE: patternmatch for scan Daniel Brady (Feb 23)
- <Possible follow-ups>
- RE: patternmatch for scan Zimmermann, Rolf (Feb 23)
- Re: patternmatch for scan Robert Graham (Feb 23)
- Re: patternmatch for scan Anthony DeBoer (Feb 23)
- RE: patternmatch for scan Martin Machacek (Feb 23)
- Re: patternmatch for scan Rick Ballard (Feb 23)
- Re: patternmatch for scan Cliff Rayman (Feb 24)
- Re: patternmatch for scan Chuck Swiger (Feb 24)
- Re: patternmatch for scan Neil Ratzlaff (Feb 24)
- Re: patternmatch for scan Laurent LEVIER (Feb 24)