|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Script kiddies and port 12345
From: Michael Williams (mgwilliams
newsouth.com)Date: Tue Oct 03 2000 - 09:12:13 CDT
- Next message: Justin Stanford: "Re: Script kiddies and port 12345"
- Previous message: Justin Stanford: "Re: Script kiddies and port 12345"
- In reply to: Stephen Hocking: "Script kiddies and port 12345"
- Next in thread: Justin Stanford: "Re: Script kiddies and port 12345"
- Reply: Michael Williams: "Re: Script kiddies and port 12345"
- Reply: Justin Stanford: "Re: Script kiddies and port 12345"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, 3 Oct 2000, Stephen Hocking wrote:
> After a couple of weeks of probing 139, the little darlings are now hammering
> on 12345 - anybody have an idea of what hole this is? Another backdoor?
Well, if they're probing 139 and 12345, I would assume they're looking for
NT machines that have Server Management System installed on 'em (or an old
version of NetBus, since that's what a couple of scanners I've used have
defaulted to for a description of port 12345). SMS is a remote
administration tool for NT machines; I don't know of any specific
vulnerabilities in the current version, but I would love to be corrected
if I'm wrong.
Regards,
Michael Williams
NewSouth Communications -- IP Security Team
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Justin Stanford: "Re: Script kiddies and port 12345"
- Previous message: Justin Stanford: "Re: Script kiddies and port 12345"
- In reply to: Stephen Hocking: "Script kiddies and port 12345"
- Next in thread: Justin Stanford: "Re: Script kiddies and port 12345"
- Reply: Michael Williams: "Re: Script kiddies and port 12345"
- Reply: Justin Stanford: "Re: Script kiddies and port 12345"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]