Security Incidents mailing list archives
What is this (port 7626 tcp)?
From: Bruce Parkinson <bruce.parkinson () PAVTECH CO NZ>
Date: Tue, 22 Aug 2000 09:04:48 +1200
Hi, I've checked several trojan port lists, without success. Any thoughts? Aug 21 04:54:27 gw ipmon[28005]: 04:54:27.299473 tun0 @0:34 b 202.11 0.40.45,2097 -> 203.96.193.75,7626 PR tcp len 20 48 -S Aug 21 04:54:30 gw ipmon[28005]: 04:54:30.263861 tun0 @0:34 b 202.11 0.40.45,2097 -> 203.96.193.75,7626 PR tcp len 20 48 -S Aug 21 04:54:36 gw ipmon[28005]: 04:54:36.245459 tun0 @0:34 b 202.11 0.40.45,2097 -> 203.96.193.75,7626 PR tcp len 20 48 -S Aug 21 04:54:48 gw ipmon[28005]: 04:54:48.177990 tun0 @0:34 b 202.11 0.40.45,2097 -> 203.96.193.75,7626 PR tcp len 20 48 -S Logs are from a fully patched OpenBSD 2.6 box. Only ports available from the outside are http and ssh. Thanks, Bruce ------------------------------------------------------- Bruce Parkinson Phone +64 7 838-2010 Systems Administrator Fax +64 7 838-0977 PavTech NZ Ltd & Mobile +64 25 545-142 Wave Internet bruce.parkinson () pavtech co nz PO Box 935, WMC Hamilton http://www.pavtech.co.nz/ NEW ZEALAND http://www.wave.co.nz/
Current thread:
- What is this (port 7626 tcp)? Bruce Parkinson (Aug 21)
- Re: What is this (port 7626 tcp)? Keith R. Jarvis (Aug 22)