Security Incidents mailing list archives

Scans on TCP port 135

From: Kevin Patz <jambo_cat () yahoo com>
Date: 20 Feb 2003 21:12:04 -0000



Starting in late October 2002, I've been seeing 
occasional scans on TCP port 135 on my box.  I also 
see UDP scans on this port, and I know these are 
Windows Messenger spam attempts, but I am wondering 
what the TCP scans are for.

Could they be attempting to exploit 
this: "Vulnerability: RPC Service DoS (port 135/tcp) 
on Windows 2000 SP3" which I read about here: 

http://www.securityfocus.com/archive/1/296114

Is it this, or could it be something else?  Is it 
possible to send Messenger spam via TCP/135?

  KJP

----------------------------------------------------------------------------

Do you know the base address of the Global Offset Table (GOT) on a Solaris 8
box?
CORE IMPACT does.
www.securityfocus.com/core

Current thread:

Scans on TCP port 135 Kevin Patz (Feb 20)
- Re: Scans on TCP port 135 Dave Aitel (Feb 21)