Re: Messenger Spam on 1026 - Bad News Kids - dslreports.com

republican-creole			Search:
	login · register

	All Forums		Hot Topics		Gallery

how-to block ads

Forums » Up and Running » Security » Security » Messenger Spam on 1026 - Bad News Kids


Share Topic:	RSS topic:	toggle: flat / full normal / watch	Posting:	Post a:	Post a:

Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal

Should still use a software firewall with a router »
« Netstat Prompt Results - What does this mean?

psloss
Premium
join:2002-02-24
Alpharetta, GA

Re: Messenger Spam on 1026 - Bad News Kids

said by Link Logger :
Today my interest in the recent flood of UDP port 1026 drove me to write PortPuker, which allows me to take captures from PortPeeker and bring them into the lab where I can conduct some experiments on the traffic in question.

This has been discussed a lot recently and someone pointed out a LURHQ advisory from the June timeframe:
»www.lurhq.com/popup_spam.html

Also, spammers are also beginning to send messages to UDP port 1027. I have also seen stray packets to UDP port 1028.

Lawrence Baldwin and I recently modified the myNetWatchman WinPopup tester to send messages to both the endpoint mapper UDP port, 135, and also to UDP ports 1025-1029, inclusive:
»Update: Windows Messenger Spam

Hopefully, this is a more realistic test of what is happening now.

Philip Sloss
--
(Thanks, anonymous!) Feedback? e-mail: stuff@lupwa.org

permalink · 2003-09-16 10:25:55 · Print ·

whispa2113

join:2002-11-20
Marysville, CA

Re: Messenger Spam on 1026 - Bad News Kids

Click for full size

I did a Symantec Security check of that IP and found out the IP is San Jose California.

I'll see if I can get a screen shot.

permalink · 2003-09-16 15:12:18 · Print ·

your comment..

Forums » Up and Running » Security » Security	Should still use a software firewall with a router » « Netstat Prompt Results - What does this mean?


Tuesday, 01-Dec 04:28:12	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF

Most commented news this week
· [60] Baltimore To Ban Lazy Cable Installs
· [47] Broadband Killed The Game Console
· [35] Rural Carriers Quickly Embracing Fiber
· [31] AT&T Top Lobbyist Cicconi Has His Feelings Hurt
· [25] Charter Exits Chapter 11
· [22] Midcontinent Socked With Easement Lawsuit
· [4] Monday Evening Links
· [3] Monday Morning Links

Most people now reading
· Windows 7 boot manager editing questions [Microsoft Help]
· Is Microsoft Technet ok to use for my family PC's? [Microsoft Help]
· Connecting to Google Voice Via SIP [VOIP Tech Chat]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Callcentric and 3-way calling [VOIP Tech Chat]
· Considering Leaving Vonage, who should I Consider? [VOIP Tech Chat]
· [Snow Leopard] NFS Mounts - no more Directory Utility [All Things Macintosh]
· Why is VoIP Better than POTS? [VOIP Tech Chat]
· Opening a file download dialog from a JavaScript function. [Webmasters and Developers]
· Evading throttling with uTP / uTorrent 1.9a [TekSavvy]