Security Incidents mailing list archives
Re: strange logs -- tcp port 16166
From: tcleary2 () csc com au
Date: Thu, 26 Jun 2003 13:51:03 +0800
Is it just me or is someone fixing up to do some research here? I've had the following sequence numbers show up in the last 24 hours ( sadly only three packets in a bunch ) 824917714 825535612 827341564 Which means ( according to Valdis' formula: sequence == <seq no.> ( == ??? * 256**3 + ??? * 256**2 + ???*256 + ???) 49.43.62.210 49.52.172.24 49.80.58.252 Should be getting shouts from the trojans, right? None of them ping/resolve and they all belong in the IANA reserved space. Let hope the results make it back to the list, eh? ;-) Regards, tom. __________________________________________________ Security Consultant/Analyst CSC Ph: +61 8 9429 6478 Email: tcleary2 () csc com au ---------------------------------------------------------------------------------------- This email, including any attachments, is intended only for use by the addressee(s) and may contain confidential and/or personal information and may also be the subject of legal privilege. Any personal information contained in this email is not to be used or disclosed for any purpose other than the purpose for which you have received it. If you are not the intended recipient, you must not disclose or use the information contained in it. In this case, please let me know by return email, delete the message permanently from your system and destroy any copies. ---------------------------------------------------------------------------------------- ---------------------------------------------------------------------------- Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the world's premier technical IT security event! 10 tracks, 15 training sessions, 1,800 delegates from 30 nations including all of the top experts, from CSO's to "underground" security specialists. See for yourself what the buzz is about! Early-bird registration ends July 3. This event will sell out. www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- strange logs -- tcp port 16166 Jiang Peng (Jun 24)
- RE: strange logs -- tcp port 16166 Jerry Shenk (Jun 25)
- <Possible follow-ups>
- RE: strange logs -- tcp port 16166 James C. Slora, Jr. (Jun 25)
- RE: strange logs -- tcp port 16166 Jerry Shenk (Jun 25)
- Re: strange logs -- tcp port 16166 James C. Slora Jr. (Jun 25)
- RE: strange logs -- tcp port 16166 Jerry Shenk (Jun 25)
- Re: strange logs -- tcp port 16166 tcleary2 (Jun 26)
- Re: strange logs -- tcp port 16166 Justin Pryzby (Jun 27)