Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

RE: isakmp

From: "Portnoy, Gary" <gportnoy () belenosinc com>
Date: Thu, 2 Aug 2001 14:19:42 -0400 
I couldn't find it now, but i think last week someone mentioned that if the
default setting on a W2k server is to attempt a secure connection, it will
send out this 500/udp probe to try contact the other code and negotiate IKE.
If you review your logs, you'll probably see this udp/500 probe quickly
followed by attempted connection from the same host to port 80/tcp.

HTH,
-Gary-

-----Original Message-----
From: Suzi VP [mailto:checksec () yahoo com]
Sent: Thursday, August 02, 2001 9:49 AM
To: incidents () securityfocus com
Subject: isakmp


Has anyone else notice a sudden flood of udp/500
traffic? Is this related to CodeRed?

Suzi


__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: