lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <200308101811.h7AIBWfa019055@ns2.mmicman.com>
From: support at mmicman.com (Edward W. Ray)
Subject: +++++SPAM+++++ TCP ports 1025-1030 and DCOM exploit; false positive

 Do not know where this came from

Regards,

Edward W. Ray
SANS GCIA, GCIH

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Edward W. Ray
Sent: Sunday, August 10, 2003 10:28 AM
To: full-disclosure@...ts.netsys.com
Cc: northcutt@...s.org; j.french@...tehats.ca
Subject: +++++SPAM+++++ [Full-Disclosure] TCP ports 1025-1030 and DCOM
exploit

This mail is probably spam.  The original message has been attached along
with this report, so you can recognize or block similar unwanted mail in
future.  See http://spamassassin.org/tag/ for more details.

Content preview:  I have found that the RPC service in Windows also uses
  TCP ports 1025-1030 for communication with domain controllers (DCs). I
  found this out by accident by blocking ports in my Windows 2003 domain
  and observing failed RPC connectivity using netdiag command on clients.
  I also observed attempts at connection on TCP port 1025. [...] 

Content analysis details:   (3.20 points, 3 required)
KNOWN_MAILING_LIST (-0.9 points) Email came from some known mailing list
software FORGED_MUA_OUTLOOK (3.5 points)  Forged mail pretending to be from
MS Outlook MISSING_OUTLOOK_NAME (0.6 points)  Message looks like Outlook,
but isn't




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ