| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.SGI.4.58.0502141644430.27087@doorknob.id.iit.edu> Date: Mon, 14 Feb 2005 16:56:39 -0600 From: Jeff Mickey <jmic@...rknob.id.iit.edu> To: incidents@...urityfocus.com Cc: bugtraq@...urityfocus.com Subject: RE: Exploit on tcp/4128? A quick google shows "RedShad" and "RCServ"..one in the same?.. both from 2002, Windows trojans, and covered by virus checkers. jeff On Mon, 14 Feb 2005, David Gillett wrote: > 3128 is a commonly-scanned proxy port. Maybe it's a typo? > > David Gillett > > > > -----Original Message----- > > From: Lawrence Baldwin [mailto:baldwinL@...etwatchman.com] > > Sent: Monday, February 14, 2005 2:00 PM > > To: incidents@...urityfocus.com; bugtraq@...urityfocus.com > > Subject: Exploit on tcp/4128? > > > > > > Anyone know what this is: > > > > D:\nc>nc -n -v 64.132.205.69 4128 > > (UNKNOWN) [64.132.205.69] 4128 (?) open > > > > 'ÖP? ? Version? 1.3? Error? ? ? Msg? > > Invalid Packet > > 'ÖP? ? Version? 1.3? Error? ? ? Msg? > > Invalid Packet > > 'ÖP? ? Version? 1.3? Error? ? ? Msg? > > Invalid Packet > > 'ÖP? ? Version? 1.3? Error? ? ? Msg? > > Invalid Packet > > > > 'ÖP? ? Version? 1.3? Error? ? ? Msg? > > Invalid Packet > > 'ÖP? > > ? Version? 1.3? Error? ? ? Msg? Invalid > > Packet ^C > > > > > > The same host above is scanning the *world* for this port: > > > > http://www.mynetwatchman.com/LID.asp?IID=146159119 > > > > Regards, > > > > Lawrence Baldwin > > myNetWatchman.com > > > >
Powered by blists - more mailing lists