Security Incidents mailing list archives
Re: Qeustion!
From: reb () OPENRECORDS ORG
Date: Thu, 19 Oct 2000 14:07:29 -0500
Brian, The 'attacker' is probably looking for statd on port 111 to exploit. The different ip addresses that you see could have been generated with the Decoy option of nmap -D or with a distributed scan. I would verify that you are not running rpc services unnecessarily. Reb On Tue, 17 Oct 2000, Unenge Brian wrote:
Hi! I'm a newbee on this, so if anybody could help with (type3 - code13) I would appreciate it. I experience some kind of weird scanning on my network on port 111 (sunrpc) the scanning last for about 20 - 25 seconds from different networks WW. One from Korea one from Belgium one from Finland and some from US, is it possible to make any harm on this port, i am having serious trouble on my DNS server after this. If anyone could give me a hint I would be grateful. Thanks in advance Brian
Current thread:
- Qeustion! Unenge Brian (Oct 19)
- Re: Qeustion! reb (Oct 19)
- Re: Qeustion! Steve Stearns (Oct 20)
- Re: Qeustion! George Bakos (Oct 20)