Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

RE: large scale distributed scan of port tcp 445

From: Thomas Cannon <tcannon () noops org>
Date: Fri, 9 Aug 2002 09:54:14 -0700 (PDT)
On Thu, 8 Aug 2002, Rob Keown wrote:


That is MS-DS as I recall. I don't see anything in my logs but dshield has
the port with a huge spike of targets, with low sources on 7/28.
http://isc.incidents.org/port_details.html?port=445 It was ranked 4th on
that day.

Cannot recall any exploits on this port or service.

Anyone know of any exploits on this?



I didn't know any, but this might be something to consider, if nothing
else:

http://www.sygate.com/alerts/XP_default_TCP445_open.htm


Cheers,

-tcannon




Rob Keown



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com



"No brain, no headache"


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: