site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Broadband Tech > Security > Security > New Worms scanning on 1025 and others

Search Topic:
 Share Topic
Posting?
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
AuthorAll Replies


Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
kudos:3
Reviews:
·Shaw

reply to Link Logger

Re: New Worm scanning on 1025, 2745, 3127 and 6129

Just caught another capture on 1024 with a difference MD5 hash then before and the scan pattern was different:

Mar 08, 2004 12:04:26.150 - (TCP) 211.238.194.79 : 2206 >>> 68.144.193.246 : 6129
Mar 08, 2004 12:04:26.130 - (TCP) 211.238.194.79 : 2205 >>> 68.144.193.246 : 445
Mar 08, 2004 12:04:20.121 - (TCP) 211.238.194.79 : 2206 >>> 68.144.193.246 : 6129
Mar 08, 2004 12:04:20.101 - (TCP) 211.238.194.79 : 2205 >>> 68.144.193.246 : 445
Mar 08, 2004 12:04:17.407 - (UDP) 192.168.1.33 : 137 >>> 211.238.194.79 : 137
Mar 08, 2004 12:04:17.287 - (TCP) 211.238.194.79 : 2206 >>> 68.144.193.246 : 6129
Mar 08, 2004 12:04:17.247 - (TCP) 211.238.194.79 : 2205 >>> 68.144.193.246 : 445
Mar 08, 2004 12:04:16.956 - (TCP) 211.238.194.79 : 2194 >>> 192.168.1.38 : 1025

Blake
--
Vendor: Firewall Logging Software »www.SonicLogger.com - SonicWall and 3Com »www.LinkLogger.com - Linksys, Netgear and Zyxel
to forum · permalink · 2004-03-08 16:18:46 ·


jmn1207
Premium
join:2000-07-19
Ashburn, VA

1024? I don't see it anywhere. Would be odd to see something similar on any port below 1025.

to forum · permalink · 2004-03-08 16:28:19 ·
Forums > Broadband Tech > Security > Security

Monday, 04-Jun 04:20:49 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online © 1999-2012 dslreports.com.
Most commented news this week
Hot Topics