Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Odd logs

From: Muhammad Faisal Rauf Danka <mfrd () attitudex com>
Date: Wed, 4 Jun 2003 08:28:47 -0700 (PDT)
Quick search reveals that it has been found on various web statistics as well. That concludes to the probability that 
it is a signature of some web/cgi scanning utility.

Backdoor.OptixPro.11.b Trojan also by default uses the same port.

Regards
--------
Muhammad Faisal Rauf Danka


--- "Scott M. Algatt" <salgatt () turtleshell net> wrote:

I wasn't sure if I could get any help on this one.  I saw an odd entry in
one of my web server log files:

GET ~1.3.3.7:1337

The server is an IIS 5.0 server.  The only thing that I locate concerning
that port is that it was for DirectTV Catalog?

Any help would be appreciated.


Regards,

Scott M. Algatt

Behold the turtle. He makes progress only when he sticks his neck out.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_____________________________________________________________
---------------------------
[ATTITUDEX.COM]
http://www.attitudex.com/
---------------------------

_____________________________________________________________
Select your own custom email address for FREE! Get you () yourchoice com w/No Ads, 6MB, POP & more! 
http://www.everyone.net/selectmail?campaign=tag
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: