Security Incidents mailing list archives
Re: port 5232/TCP scans
From: Jens Hektor <hektor () RZ RWTH-AACHEN DE>
Date: Sat, 18 Nov 2000 08:41:17 -0000
Hi, RWTH Aachen had this back in August, a scan for
5232/tcp open sgi-dgl
and some minutes later 4 cracked boxes (3 by the telnetd feature, one by objectserver). SSH backdoor installed on a hiport, the usual trojans (login, ps, netstat) and in one case an IRC bot. Bye, Jens
Current thread:
- Re: port 5232/TCP scans Jens Hektor (Nov 21)