Security Incidents mailing list archives
Re: First china, now russia?
From: chad () BEACHASSOCIATES COM (Chad Day)
Date: Mon, 31 Jan 2000 16:23:15 -0500
I have port 118 listed as sqlserv, and port 224 as masqdialer. Chad -----Original Message----- From: Joseph Geyer [mailto:jgeyer () POSTALINNOVATIONS COM] Sent: Sunday, January 30, 2000 3:14 PM To: INCIDENTS () SECURITYFOCUS COM Subject: First china, now russia? I've been getting scanned quite frequently from china (I basically have the entire country blackholed now). Now they are coming from russia. The curious thing is, they are using very interesting destination ports. Here take a look: (clipped) I understand what some of these ports could have listening on them, but I haven't seen anything that would run on ports 515,118,224, or 109. Anyone have a clue what this idiot could be looking for? I know port 109 is POP2, but who still uses pop2?? I also know that 515 is commonly used for the printer and I could see a potential for a problem there. But 118 and 224 still have me baffled. -Joe
Current thread:
- Re: First china, now russia? Pavel Kankovsky (Jan 31)
- <Possible follow-ups>
- Re: First china, now russia? Chad Day (Jan 31)
- Re: First china, now russia? Dave Dittrich (Jan 31)
- Re: First china, now russia? Dmitry Alyabyev (Feb 01)
- Re: First china, now russia? Thomas Ribbrock (Design/DEG) (Feb 01)