Security Incidents mailing list archives
RE: Port 1975 rogue service
From: "John R. Hillman" <john () ridewide com>
Date: Thu, 31 Oct 2002 16:40:48 -0500
I have discovered a rogue service of some sort running on Port 1975 on one of my Win2000 boxes. Connecting to this port via a telnet gives me the below output. Anyone have any idea what this is?
Go!zilla used to run on port 1975, IIRC. <snipped>
220- [ leechers 0ver the last 24 hours: 1699 ] 220- [ leechers logged in: 1783 ] 220- [ current leechers: 2 ] 220- [ kb leeched: 11550405 kb/s ] 220- [ kb filled: 4438567 kb/s ] 220- [ hdd freespace: 768.62 kb ] 220- [ Average Bandwith used: 40.719 ] 220- [ Current Bandwith in use: 16.500 ]
Leechers, eh? You're not serving an anonymous warez FTP there are you? At least, that was the first thing that sprang to mind. J ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Port 1975 rogue service WIlliam Kintz (Oct 31)
- RE: Port 1975 rogue service John R. Hillman (Oct 31)
- <Possible follow-ups>
- RE: Port 1975 rogue service Ashcraft, Brian S (Contractor) (Oct 31)