Security Incidents mailing list archives

Re: New game using port 1470?

From: Louis-Eric () SIMARD COM (Louis-Eric Simard)
Date: Sun, 7 May 2000 13:35:18 -0400


F. Piette wrote a popular ICMP library for Borland Delphi that is widely
used; this just seems like somebody is using it.

 + Louis-Eric Simard

At 12:50 PM 03/05/00 -0700, you wrote:

I've recently seen a scan signature that I haven't seen before.  It
involves an admixture of UDP packets to 1470, and "Delphi-Piette" pings
to the same IPs.  These are pings where the ICMP contains:

50 69 6E 67 69 6E 67 20 66 72 6F 6D 20 44 65 6C  Pinging from Del
70 68 69 20 63 6F 64 65 20 77 72 69 74 74 65 6E  phi code written
20 62 79 20 46 2E 20 50 69 65 74 74 65 20 20 20   by F. Piette
20 20 20 20 20 20 20 20

It feels like a game, but I don't know which one.  Any clues?

Stuart.

--
Stuart Staniford  ---  President  ---  Silicon Defense
                  stuart () silicondefense com
(707) 445-4355                     (707) 445-4222 (FAX)

Current thread:

New game using port 1470? Stuart Staniford (May 03)
- Re: New game using port 1470? Oliver Sturm (May 08)
- <Possible follow-ups>
- Re: New game using port 1470? Louis-Eric Simard (May 07)