Security Incidents mailing list archives

Re: increase of scans against port 1524

From: GrdnWsl <grdnwsl () mrichi com>
Date: Wed, 05 Jun 2002 11:43:07 -0500

AFAIK, this port is also used for the Trinoo trojan.  I've been seeing
some scans on my on this port in my netblock as well... not too many,
but some.  Although, I haven't really seen an increase per se.  Anyhow,
you might want to check out www.neohapsis.com.  They have, somewhere on
their site (can't remember where exacly) a list of ports and what
viruses/trojans/worms run on them.  They also have a version in
/etc/services format.  It's come in handy to figure out why a particular
port is being scanned.

High Speed wrote:

Hi,

last 2 days I noticed an increased scan against port 1524

ingreslock    1524/tcp    ingres
ingreslock    1524/udp    ingres

Are there known issues with this port ?
Recently found vulnerabilities ?

thanks

HS


_________________________________________________________________
Send and receive Hotmail on your mobile device: http://mobile.msn.com


----------------------------------------------------------------------------

This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management and
tracking system please see: http://aris.securityfocus.com



-- 

Preston Kutzner | IT Manager
Marketing Resources, Inc.

This e-mail (and any attachments) is confidential and may
contain personal views which are not the views of
Marketing Resources, Inc. unless specifically stated.
If you have received it in error, please delete it from
your system, do not use, copy or disclose the information
in any way nor act in reliance on it and notify the sender
immediately. Please note that Marketing Resources, Inc.
monitors e-mails sent or received. Further communication
will signify your consent to this.


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

increase of scans against port 1524 High Speed (Jun 05)
- Re: increase of scans against port 1524 Joe Matusiewicz (Jun 05)
- Re: increase of scans against port 1524 GrdnWsl (Jun 05)
  - Re: increase of scans against port 1524 Drew Schaffner (Jun 05)
- Re: increase of scans against port 1524 Michael Katz (Jun 05)
- RE: increase of scans against port 1524 Antonio Montes (Jun 05)
- Re: increase of scans against port 1524 gminick (Jun 05)
- Re: increase of scans against port 1524 gminick (Jun 05)
- Re: increase of scans against port 1524 Lance Spitzner (Jun 05)
- <Possible follow-ups>
- RE: increase of scans against port 1524 Foster, Belinda (Jun 05)
- Re: increase of scans against port 1524 Steven M. Christey (Jun 07)