full-disclosure - Anyone else exoeriencing blasts o' port 6129 TCP?

lists.openwall.net		lists / announce john-users owl-users popa3d-users / xvendor oss-security / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4
Open Source and information security mailing list archives

This website is powered by Openwall GNU/*/Linux security-enhanced OS

[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list]

From: rob_schrack at urmc.rochester.edu (Rob Schrack)
Subject: Anyone else exoeriencing blasts o' port 6129 TCP?

Oh yeah... just after Christmas, 6129 accounted for maybe 25% of the packets
we submitted to dshield.  In the past 5 days, they've accounted for nearly
1/2 of two million plus packets.

I've been wonderin' if anyone else had been seeing it....

----- Original Message ----- 
From: "Jim Race" <caferace@...l.com>
To: "LC" <full-disclosure@...ts.netsys.com>
Sent: Saturday, January 03, 2004 12:37 PM
Subject: [Full-Disclosure] Anyone else exoeriencing blasts o' port 6129 TCP?

> I noticed some action the previous 48 hours, and on checking logs this
> morning it seems that port 6129 (DameWare Remote Admin) was the common
> factor. ISC seems to have it on the top of their trends list:
>
> http://isc.sans.org/top10.html
>
> hmmmm.
>
> -jim
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>