Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: .NET REMOTING on port 31337

From: "The Security Community" <thesecuritycommunity () gmail com>
Date: Fri, 28 Sep 2007 13:55:33 -0400
The last time I saw anything on port 31337 (ELEET) it was during a
vulnerability assessment.  We shut it down and stopped the assessment.
 Management wouldn't let us investigate, then blew the cover on the
assessment a week or two later.

It's almost always bad, but you may just have an admin with a stupid
sense of humor.

31337 should always throw a red flag.

On 9/28/07, Simon Smith <simon () snosoft com> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Has anyone ever heard of .NET REMOTING running on port 31337? If so,
have you ever seen it "legitimate"?


- --

- - simon

- ----------------------
http://www.snosoft.com

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)

iD8DBQFG/Tpqf3Elv1PhzXgRAmOlAKCwOeb3tY1qp8KK/Z4fMYxLOB50nwCcDxCx
Io9uFQH7RLDVdo5QDc36+n4=
=Nz1q
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: