Security Incidents mailing list archives
Re: Large increase in port 27347
From: kyle.r.maxwell () verizon com
Date: Thu, 30 Oct 2003 09:48:27 -0600
As Mark pointed out, this activity is on TCP 27347, not TCP 27374. Although I wonder if there's some scanning out there based on a typo in the port number? -- Kyle Maxwell InfoSec Engineer Verizon Global Security Operations Center kyle.r.maxwell () verizon com "Bruce Moore" <291 () canada com> 10/29/2003 09:31 AM To: incidents () securityfocus com cc: Subject: Re: Large increase in port 27347 In-Reply-To: <3E71BE64C6ECD8449CD5A236F700FA96814643 () odcexch wei owhc net> Could possibly be attributed to Sub7 Trojan or Spybot worm family. McAfee has recently commented on this activity and updated their website. See link below. http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100282
From: "Bassett, Mark" <mbassett () omaha com> To: <incidents () securityfocus com> MAJOR increase in port 27347 hits. If anyone manages to capture whatever this is please post immediately =3D) Be on the lookout folks. http://isc.incidents.org/port_details.html?port=3D27347 Mark Bassett Network Administrator World media company Omaha.com 402-898-2079
--------------------------------------------------------------------------- Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register at http://www.securityfocus.com/sponsor/RSA_incidents_031023 and use priority code SF4. ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register at http://www.securityfocus.com/sponsor/RSA_incidents_031023 and use priority code SF4. ----------------------------------------------------------------------------
Current thread:
- Large increase in port 27347 Bassett, Mark (Oct 28)
- Re: Large increase in port 27347 stefmit (Oct 29)
- <Possible follow-ups>
- RE: Large increase in port 27347 Bassett, Mark (Oct 30)
- Re: Large increase in port 27347 Bruce Moore (Oct 30)
- Re: Large increase in port 27347 kyle . r . maxwell (Oct 30)
- Re: Large increase in port 27347 Jeff Kell (Oct 31)
- Re: Large increase in port 27347 Jeff Kell (Oct 31)
- Re: Large increase in port 27347 kyle . r . maxwell (Oct 30)