Security Incidents mailing list archives

AW: Port 2000, 2002 scans

From: "Roth, Peter" <security () PEROTECH CH>
Date: Tue, 12 Sep 2000 09:06:41 +0200

Hi

in deerfields mdaemon port 2002 is used as webadmin-port by default.
port 2000 is used for webmail-interface.

there are some known exploits for mdaemon in various version.

greetings

Peter Roth
Perotech GmbH

***************************************
Perotech GmbH, Peter Roth
Gewerbestrasse 12a, CH-8132 Egg
Tel. +41 1 9947606 / Fax +41 1 9947605
roth () perotech ch http://www.perotech.ch
***************************************

-----Ursprüngliche Nachricht-----
Von: Incidents Mailing List [mailto:INCIDENTS () SECURITYFOCUS COM]Im
Auftrag von L.A. Smith
Gesendet: Montag, 11. September 2000 23:28
An: INCIDENTS () SECURITYFOCUS COM
Betreff: Port 2000, 2002 scans


Hello!

I have had hundreds of complaints from one user about port scans on his PC
for ports 2000 and 2002.  I know 2000 can be used for OpenWin.  I haven't
been able to get a straight answer from this person about what they're
running but seeing as they use Jammer as their firewall software (heh, not
my idea!), they must be running Windoze of some sort.  Could someone shed
some light as to what hundreds of IP addresses would want with their port
2000 and 2002?

Thanks!

Current thread:

Port 2000, 2002 scans L.A. Smith (Sep 12)
- Re: Port 2000, 2002 scans Elias Levy (Sep 12)
- AW: Port 2000, 2002 scans Roth, Peter (Sep 12)
- Re: Port 2000, 2002 scans Erik Tayler (Sep 12)
- <Possible follow-ups>
- Re: Port 2000, 2002 scans Arnold, Jamie (Sep 12)
  - Re: Port 2000, 2002 scans Erik Tayler (Sep 13)
- Re: Port 2000, 2002 scans Bruce Anhalt (Sep 13)
- Re: Port 2000, 2002 scans Stone, Sgt Michael A (Sep 13)