|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Portnoy, Gary (gportnoy
belenosinc.com)Date: Thu Aug 02 2001 - 07:50:26 CDT
Correct me if I am wrong, but isn't Microsoft's implementation of RPC called
DCE RPC and if so, isn't the portmapper listening on port 135, not 111. So,
that being said, I believe Jonathan was talking about *nix RPC, and Opus was
talking about DCE RPC.
A slight misunderstanding...
And yes, i am seeing an increase in port 111 activity, and no activity to
port 135.
-Gary-
-----Original Message-----
From: Opus [mailto:opusircore.com]
Sent: Wednesday, August 01, 2001 10:06 PM
To: Jonathan Rickman
Cc: incidentssecurityfocus.com
Subject: Re: Code Red side effects
Microsoft posted a bulletin "Malformed RPC Request Can Cause Service
Failure" on July 26th here is the url for the bulletin
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/security/
bulletin/ms01-041.asp
-Opus
On Wed, 1 Aug 2001, Jonathan Rickman wrote:
> With all the attention focused on Code Red, am I the only one seeing a
huge
> increase in RPC scans? I've logged over a hundred unique hosts in the last
4
> hours.
>
>
--
.~.
/V\
/( )\
^^-^^
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]