Security Incidents mailing list archives
Re: Scans for telnetd on DNS servers.
From: "Pavel Kankovsky" <peak () argo troja mff cuni cz>
Date: Sat, 11 Mar 2006 11:20:36 +0100 (CET)
On Thu, 9 Mar 2006, Alex wrote:
Could this be a SSH scan by some stupid script kiddie that mistook the telnet port# for that of SSH?
It would have to be a kiddie with an army of zombies at his (or her) disposal. The probes came from hundreds (if not thousands) of different IPs and a small random sample I checked was able to finish the TCP 3-way handshake (and read a server greeting and disconnect) when it probed an address where a telnet server was listening and accessible. --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
Current thread:
- Scans for telnetd on DNS servers. Jay D. Dyson (Mar 04)
- Re: Scans for telnetd on DNS servers. Raistlin Majere (Mar 06)
- Re: Scans for telnetd on DNS servers. Pavel Kankovsky (Mar 09)
- Re: Scans for telnetd on DNS servers. Alex (Mar 09)
- Re: Scans for telnetd on DNS servers. Pavel Kankovsky (Mar 13)
- Re: Scans for telnetd on DNS servers. jim barchuk (Mar 14)
- Re: Scans for telnetd on DNS servers. Alex (Mar 09)
- <Possible follow-ups>
- Re: Re: Scans for telnetd on DNS servers. kmuskrat (Mar 13)