Firewall Wizards mailing list archives

Re: Scans to ports 1090 and 1080

From: Rik Farrow <rik () spirit com>
Date: Thu, 20 Aug 1998 17:42:19 -0700 (MST)


* Roger Marquis
| Has anyone heard of vulnerabilities on ports 1080 or 1090?  These look
| like straight scans otherwise.

The mscan tool looks specifically for WinGate servers at port 1080.
WinGate comes ready to relay connections for everyone by default
(see http://www.wingate.net/secure-wingate.htm for information on
changing this, as well as the current default).  This is old news
(see http://geek-girl.com/bugtraq/1998_1/0490.html).

I heard one report of mscan being used to scan all class B's beginning
with 128 back in the middle of July, using a Silicon Graphics box as
the source host.  For more on mscan, see CIAC Bulletin I-073 or
AusCERT Alert AL-98.01 (ftp://ftp.auscert.org.au/pub/ and ftp.ciac.org).

Regards,
Rik

Current thread:

Scans to ports 1090 and 1080 Roger Marquis (Aug 16)
- Re: Scans to ports 1090 and 1080 Massimo Brogioni (Aug 17)
- Re: Scans to ports 1090 and 1080 Gigi Sullivan (Aug 17)
  - Re: Scans to ports 1090 and 1080 Zach Brown (Aug 19)
- Re: Scans to ports 1090 and 1080 Daniel J. Gregor Jr. (Aug 17)
- Re: Scans to ports 1090 and 1080 Erlend Midttun (Aug 18)
- <Possible follow-ups>
- Re: Scans to ports 1090 and 1080 Vern Paxson (Aug 17)
- Re: Scans to ports 1090 and 1080 Kinczli Zoltán (Aug 18)
- Re: Scans to ports 1090 and 1080 Rik Farrow (Aug 23)