Security Incidents mailing list archives
Re: Port 109 scanning
From: azimuth <lozah () io com>
Date: Mon, 6 Nov 2000 17:34:26 CST
Howdy, They're not necessarily looking to exploit POP2. By developing a list of systems running POP2, they can go back and look for something more tasty. A system running POP2 is one sign of an ill-configured & neglected Linux box ... as is one listening to port 98 (linuxconf). If you build a list of systems running one of those services, chances are strong the systems are running more commonly exploited services. Much more profitable to use this technique than, say, scanning for every FTP server in the world looking for vulnerable versions of WU-FTP. my $.02, cheers, az
Current thread:
- Port 109 scanning A.L.Lambert (Nov 07)
- Re: Port 109 scanning Jay D. Dyson (Nov 08)
- Re: Port 109 scanning Jander Sunstar (Nov 08)
- <Possible follow-ups>
- Re: Port 109 scanning azimuth (Nov 08)
- Re: Port 109 scanning Fernando Cardoso (Nov 08)
- Re: Port 109 scanning Andy Duncan (Nov 08)