Full Disclosure mailing list archives
Re: Increased port 135 activity
From: security snot <booger () unixclan net>
Date: Sun, 21 Sep 2003 21:36:26 -0700 (PDT)
If all internet traffic were filtered, idiots like you would have no useless statistics to quote, and if you did, no place to quote them. Not too long ago CERT reported increased scans for tcp 135, 139 and made the observation that there was likely to be increased exploitation of "anonymous shares" on Windows machines. How silly they looked when it turned out there were multiple exploits for Samba being distributed by dvdman, and mass exploitation of this service by every #vuln/#darknet hacker. "oh, something else runs on that port too!" - The Cert Pedophile (friend of KF) Anyhow, have a nice day. ----------------------------------------------------------- "Whitehat by day, booger at night - I'm the security snot." - CISSP / CCNA / A+ Certified - www.unixclan.net/~booger/ - ----------------------------------------------------------- On Sun, 21 Sep 2003, Paul Tinsley wrote:
Does this bother anybody else? http://isc.incidents.org/port_details.html?port=135 Todays numbers are higher than what was seen with blaster (the green peak on the 11th): http://isc.incidents.org/port_details.html?port=135&repax=1&tarax=2&srcax=2&percent=N&days=70&Redraw= Maybe I am just being paranoid but this doesn't give me a good feeling... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Increased port 135 activity Paul Tinsley (Sep 21)
- Re: Increased port 135 activity security snot (Sep 21)
- Re: Increased port 135 activity Paul Tinsley (Sep 21)
- Re: Increased port 135 activity Richard Johnson (Sep 22)
- Re: Increased port 135 activity Paul Tinsley (Sep 21)
- Re: Increased port 135 activity security snot (Sep 21)