Security Incidents mailing list archives
Re: Port 109 Scans
From: ident () LINEONE NET (Stone)
Date: Sun, 7 May 2000 01:24:16 +0100
Hi There is a commonly known exploit for pop2 server that gives root priviledges, this is the reason for the increase in recent pop2 port scanning. Hope that helps, Chris. ----- Original Message ----- From: "Eric Maiwald" <emaiwald () FRED NET> To: <INCIDENTS () SECURITYFOCUS COM> Sent: Thursday, May 04, 2000 2:14 PM Subject: Port 109 Scans
We are seeing a large number of scans to port 109 (POP2). I posted a question on this about a month ago and no one had any good ideas what the scanners were looking for. Anyone have any better ideas? Is there something new in POP2 or are these individuals just looking for old systems? Eric --------------------------------------------------------------------- Eric Maiwald emaiwald () fred net So Many Hobbies, So little time ---------------------------------------------------------------------
Current thread:
- Re: Lots netbios scans (udp 137), (continued)
- Re: Lots netbios scans (udp 137) Greg A. Woods (May 03)
- Re: Lots netbios scans (udp 137) Bryan Andersen (May 03)
- odd message showing up logs... Josh Burroughs (May 04)
- Re: odd message showing up logs... Rick Redman (May 06)
- amd exploit(ed)? Paulo Ribeiro (May 07)
- Re: amd exploit(ed)? Mike Murray (May 08)
- Re: amd exploit(ed)? Erich Meier (May 09)
- Re: amd exploit(ed)? Jim Zajkowski (May 09)
- Re: odd message showing up logs... Robert Graham (May 07)
- Port 109 Scans Eric Maiwald (May 04)
- Re: Port 109 Scans Stone (May 06)
- Re: Lots netbios scans (udp 137) Erich Meier (May 04)
- Re: Lots netbios scans (udp 137) Greg A. Woods (May 04)
- Oversized packets Paulo Ribeiro (May 04)
- Re: Oversized packets Keith Owens (May 06)
- Re: Lots netbios scans (udp 137) Greg A. Woods (May 03)