Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

6200/tcp

From: wiz () VORTEX UNIX KG (Werner Iknaroff-Zhikovsky)
Date: Sun, 9 Jul 2000 22:39:48 +0600

Hello people,
 Recently we have noticed quite a lot of probes for tcp/6200 port on our networks. Neither of our boxes is running the 
service so we feel so far. However we did some backchecks on machines where the scans were comming from and which we 
believe have been compromiced, and most of them were listening to port 6200. On our attempt to connect and put bogus 
data there we were getting constant `RET ERR' messages. I am just curious whether that is some sort of new backdoor 
being looked for or a vulneriable service?

Thanks in advance.
-Werber
Previous By Date Next
Previous By Thread Next

Current thread: