|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Portnoy, Gary (gportnoy
belenosinc.com)Date: Thu Aug 02 2001 - 13:19:42 CDT
I couldn't find it now, but i think last week someone mentioned that if the
default setting on a W2k server is to attempt a secure connection, it will
send out this 500/udp probe to try contact the other code and negotiate IKE.
If you review your logs, you'll probably see this udp/500 probe quickly
followed by attempted connection from the same host to port 80/tcp.
HTH,
-Gary-
-----Original Message-----
From: Suzi VP [mailto:checksecyahoo.com]
Sent: Thursday, August 02, 2001 9:49 AM
To: incidentssecurityfocus.com
Subject: isakmp
Has anyone else notice a sudden flood of udp/500
traffic? Is this related to CodeRed?
Suzi
__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]