Security Incidents mailing list archives

Re: morpheus/kazaa probes/scans

From: Mike Damm <miked () symetrix net>
Date: Mon, 11 Feb 2002 22:34:03 +0000 (GMT)

last week, the targeted systems, which reside on roadrunner cablemodem

...

anybody else seen an increase in morpheus/kazaa scans, or have any insight
into the reasons (new vuln scanning tool, new morpheus/kazaa exploits,
etc)?


As noted on bugtraq, accessing a Morpheus/Kazaa user directly via port
1214 bypasses the clients built-in limitations on the number of concurrent
downloads. 

If your on a large cable provider, your most likely just getting scanned
by kids looking for music and movies.

This would explain the .gov and .edu sources also. Blackhats do read the
securityfocus lists too.

        -Mike Damm




----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

morpheus/kazaa probes/scans k (Feb 11)
- Re: morpheus/kazaa probes/scans Raistlin (Feb 11)
- Re: morpheus/kazaa probes/scans Mike Damm (Feb 11)
- Re: morpheus/kazaa probes/scans Russell Fulton (Feb 11)
- <Possible follow-ups>
- RE: morpheus/kazaa probes/scans BRAD GRIFFIN (Feb 11)
  - Re: morpheus/kazaa probes/scans Troy D. Strum (Feb 12)