Snort mailing list archives
Re: port 12345
From: "J. Craig Woods" <drjung () sprynet com>
Date: Wed, 27 Mar 2002 16:31:57 -0600
"Sean T. Ballard" wrote:
Netbus is a well known and widely used windows trojan horse. That traffic is probably someone scanning for hosts running default netbus servers with null passwords. You should only worry if that traffics is originating from your network or connecting to servers on your DMZ. -Sean
Thanks to everyone for the great responses. Being more familiar with UNIX/Linux, I guess this windows' trojan got by me (info that is, not the actual bad boy itself). Must be great to pay so much to be so vulnerable :-) -- J. Craig Woods UNIX/NT Network/System Administration -Art is the illusion of spontaneity- _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- port 12345 Craig Woods (Mar 27)
- Re: port 12345 SAHUT Christophe (Mar 27)
- Re: port 12345 Blake Frantz (Mar 27)
- <Possible follow-ups>
- RE: port 12345 Fallon, Benjamin (Mar 27)
- RE: port 12345 Sean T. Ballard (Mar 27)
- Re: port 12345 J. Craig Woods (Mar 27)
- RE: port 12345 Semerjian, Ohanes (Mar 27)