Re: increase of scans against port 1524

[Drew Schaffner <drew () bioeng ucsd edu>]

Another great reference for port searching is:
http://andrew.triumf.ca/cgi-bin/port

On Wed, 5 Jun 2002, GrdnWsl wrote:

> AFAIK, this port is also used for the Trinoo trojan.  I've been seeing
> some scans on my on this port in my netblock as well... not too many,
> but some.  Although, I haven't really seen an increase per se.  Anyhow,
> you might want to check out www.neohapsis.com.  They have, somewhere on
> their site (can't remember where exacly) a list of ports and what
> viruses/trojans/worms run on them.  They also have a version in
> /etc/services format.  It's come in handy to figure out why a particular
> port is being scanned.
>
> High Speed wrote:
> > Hi,
> >
> > last 2 days I noticed an increased scan against port 1524
> >
> > ingreslock    1524/tcp    ingres
> > ingreslock    1524/udp    ingres
> >
> > Are there known issues with this port ?
> > Recently found vulnerabilities ?
> >
> > thanks
> >
> > HS
> >
> >
> > _________________________________________________________________
> > Send and receive Hotmail on your mobile device: http://mobile.msn.com
> >
> >
> > ----------------------------------------------------------------------------
> >
> > This list is provided by the SecurityFocus ARIS analyzer service.
> > For more information on this free incident handling, management and
> > tracking system please see: http://aris.securityfocus.com

-- 
Drew Schaffner
Department of Bioengineering
University of California San Diego

perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com