Security Incidents mailing list archives
Re: UDP port 500 traffic from two clients
From: Gary Flynn <flynngn () jmu edu>
Date: Mon, 28 Jan 2002 14:33:16 -0500
Chris Wilkes wrote:
I recently moved and changed IP addresses within my ISP's block and two IP addresses from mediaone.net and home.com hit me a couple of times a minute with a UDP request to port 500.
Code Red and Nimda infected machines will reportedly generate port 500 traffic. -- Gary Flynn Security Engineer - Technical Services James Madison University Please R.U.N.S.A.F.E. http://www.jmu.edu/computing/runsafe ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- UDP port 500 traffic from two clients Chris Wilkes (Jan 28)
- Re: UDP port 500 traffic from two clients Glen Mehn (Jan 28)
- Re: UDP port 500 traffic from two clients Gary Flynn (Jan 28)
- Re: UDP port 500 traffic from two clients Hugo van der Kooij (Jan 28)
- <Possible follow-ups>
- RE: UDP port 500 traffic from two clients McCammon, Keith (Jan 28)
- RE: UDP port 500 traffic from two clients Toni Heinonen (Jan 28)
- RE: UDP port 500 traffic from two clients Greg A. Woods (Jan 28)
- RE: UDP port 500 traffic from two clients Fernando Cardoso (Jan 29)
- RE: UDP port 500 traffic from two clients Greg A. Woods (Jan 29)
- RE: UDP port 500 traffic from two clients Greg A. Woods (Jan 28)