Security Incidents mailing list archives
Surge of attacks on ports 61127 & 61134
From: Joseph <joseph () netSecureLabs CA>
Date: Thu, 25 Jul 2002 14:55:33 -0400 (EDT)
This morning my logs showed me a surge of new UDP packets attacks, mainly to ports 61127 & 61134 . I can't find any info on this, so I'm wondering what it can be. It seems very well known, if I can say, because source IPs are from everywhere, I must have gotten a good 50-80 probes. I see alot different *dip.t-dialin.net orgin sources, which *dip.t-dialin.net seems to make the top 10 attack list at dshield and incidents' website. Curious, new virus? or attack tool? I don't have a log of the packet, justs its denial attempt. Normally, all my attacks are standard stuff, this pops out like really new... ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Bind 9.2.X exploit??? güvercin (Jul 24)
- Re: Bind 9.2.X exploit??? Patrick Andry (Jul 25)
- Re: Bind 9.2.X exploit??? David Conrad (Jul 25)
- Re: Bind 9.2.X exploit??? Jim Clausing (Jul 25)
- Re: Bind 9.2.X exploit??? David Conrad (Jul 25)
- Surge of attacks on ports 61127 & 61134 Joseph (Jul 25)
- Re: Bind 9.2.X exploit??? Patrick Andry (Jul 25)
- Re: Bind 9.2.X exploit??? Alexandru Balan (Jul 26)
- Re: Bind 9.2.X exploit??? David Carmean (Jul 26)
- <Possible follow-ups>
- Re: Bind 9.2.X exploit??? Muhammad Faisal Rauf Danka (Jul 25)
- Re: Bind 9.2.X exploit??? Sebastian (Jul 25)