Security Basics mailing list archives
RE: Strange Connection Attempts
From: "Tim Heagarty" <tim () heagarty com>
Date: Mon, 17 Feb 2003 10:57:12 -0700
Port 17300 is apparently the backdoor of Kuang2. I've gotten a few hits of it myself on a little ol' dialup line. Tim Heagarty MCSE, MCP+I "There are only 10 kinds of people in the world, those that understand binary, and those that don't." Work: (928) 636-0489 Cell: (928) 533-9690 -----Original Message----- From: Keith T. Morgan [mailto:keith.morgan () terradon com] Sent: Friday, February 14, 2003 11:23 PM To: Hankes, Christopher A Cc: security-basics () securityfocus com Subject: RE: Strange Connection Attempts Yeah. We've seen these as well. Ours came packed with a portscan for port 23, 67 (TCP) 1756, tcp 6112, and tcp 9001. We've also seen a marked increase in scans for tcp port 3389 (ms terminal services). Additionally, we've seen some odd scans for tcp 17300. I haven't taken the time yet to see what runs on 17300 tcp.
-----Original Message----- From: Hankes, Christopher A [mailto:Christopher.A.Hankes () uwsp edu] Sent: Friday, February 14, 2003 1:05 PM Cc: security-basics () securityfocus com Subject: Strange Connection Attempts As of about 2:00 am cst 2/14/03 I have been receiving connection attempts on my router to port 1756(caplast-lmd). Has any one seen this too? Are there any know vulnerabilities on that port? I have been getting a connection attempt about every 10-15 seconds. It's almost like a DoS attack. Anyone have any thoughts.=20 Thanks Christopher Hankes CIS major University of Wisconsin -Stevens Point
Current thread:
- Strange Connection Attempts Hankes, Christopher A (Feb 14)
- <Possible follow-ups>
- RE: Strange Connection Attempts Keith T. Morgan (Feb 17)
- RE: Strange Connection Attempts Tim Heagarty (Feb 17)
- RE: Strange Connection Attempts Kinsey, Robert (Feb 18)
- RE: Strange Connection Attempts fixer (Feb 18)
- Re: Strange Connection Attempts Charles Hamby (Feb 19)
- RE: Strange Connection Attempts Trevor Cushen (Feb 20)
- Windows 2000 Server Attacks Paul Stewart (Feb 20)
- Re: Windows 2000 Server Attacks Su Wadlow (Feb 22)
- Windows 2000 Server Attacks Paul Stewart (Feb 20)