| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: measl at mfn.org (J.A. Terranson) Subject: SNMP Broadcasts On Tue, 13 Jul 2004, BillyBob wrote: > From: BillyBob <billybobknob@...mail.com> Hello Mr. Knob, > Subject: [Full-Disclosure] SNMPBroadcasts SNMP doesn't "broadcast" > For the past 12 hours my external IP has been bombarded with SNMP "Bombarded"? Below you state it was only "several per second". Are you on a dial connection? > Broadcasts, I have sent complaints to my ISP and the ISP of the originating > IP. And both are likely laughing their asses off right about now. > The attacking IP must have some sort of worm or automated script to go > through all the port numbers as his remote port starts at 60001 and goes up > to 64087 but it hits my local ports 1-highest port # (65535) if I let my > logs record that much. SNMP goes to ports 161 and 162, *only*. > Could this be some kind of SNMP DoS as I get several/second ? I know I shouldn't be asking this, but... Do you know how to use Ethereal? -- Yours, J.A. Terranson sysadmin@....org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden
Powered by blists - more mailing lists