[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [cobalt-users] Raq550: Port Scans - need help

Subject: AW: [cobalt-users] Raq550: Port Scans - need help
From: "Andreas Cahen" <qube@xxxxxxxx>
Date: Mon Mar 10 06:28:01 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Hi John and Joe,

It seems that SubSeven 2.1 Windows Remote Control Trojan uses that port.

I hope that I could be of some assistance :)

Cheers from Switzerland :)

Andreas Cahen




I've stopped 1'040 spam messages. You can too!
Get your free, safe spam protection at
http://www.cloudmark.com/spamnetsig/



-----Ursprüngliche Nachricht-----
Von: cobalt-users-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-users-admin@xxxxxxxxxxxxxxx] Im Auftrag von admin
Gesendet: Montag, 10. März 2003 15:01
An: cobalt-users@xxxxxxxxxxxxxxx
Betreff: RE: [cobalt-users] Raq550: Port Scans - need help


John,

I get the same messages.  They happen sporadically maybe every other day
and sometimes two or three in a day.  I don't have a clue what this is
about.  Anyone have an idea?

Joe


Joseph Grossbauer
The Grossbauer Group
442 N. Calumet Road, Suite 301
Chesterton, IN 46304

Tel: 219.926.1000 x203
Fax: 219.929.1502



-----Original Message-----
From: cobalt-users-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-users-admin@xxxxxxxxxxxxxxx] On Behalf Of John D. Gorena
Sent: Sunday, March 09, 2003 22:49
To: Cobalt-Users List
Subject: [cobalt-users] Raq550: Port Scans - need help


I know that I have asked this before but the info does not make sense to
me.  Maybe one of you Raq550 owners can shed some light on this subject.

I get the following and according to the message it looks like the scan
comes from my system going out (outbound).  Do other owners see this?

This alert notification is to inform you of network activity occurring
on your host.
           Timestamp:  Thu 12 Dec 2002 03:22:47 AM CST
          Alert Type:  Port Scan Detected
           Interface:  eth0
            Protocol:  tcp
 Packet Size (bytes):  40
      Source Address:  65.169.119.101
         Source port:  27374
           Direction:  outbound
 Destination Address:  211.215.42.85
    Destination Port:  2021
           Log Entry:  eth0:portscan: tcp 65.169.119.101/27374 ->
211.215.42.85/2021 40 rst (16)

_____________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users

_____________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users

References:
- RE: [cobalt-users] Raq550: Port Scans - need help
  - From: admin

Prev by Date: RE: [cobalt-users] Raq550: Port Scans - need help
Next by Date: [cobalt-users] My Server has been hacked
Previous by thread: Re: [cobalt-users] Raq550: Port Scans - need help
Next by thread: [cobalt-users] Fetchmail problem : e-mails sent to Mailing list subscriber are coming to Admin

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index