Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: port 5232/TCP scans

From: Jens Hektor <hektor () RZ RWTH-AACHEN DE>
Date: Sat, 18 Nov 2000 08:41:17 -0000
Hi,

RWTH Aachen had this back in August, a scan for


5232/tcp   open        sgi-dgl


and some minutes later 4 cracked boxes (3 by the
telnetd feature, one by objectserver).

SSH backdoor installed on a hiport, the usual
trojans (login, ps, netstat) and
in one case an IRC bot.

Bye, Jens
Previous By Date Next
Previous By Thread Next

Current thread: