NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Incidents> 2001-11

From: bonkwebchat.chatsystems.com
Date: Sun Nov 04 2001 - 09:06:04 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Anyone know what trojans/backdoors run on 22634, 24544 and 29319 ?
Snort.org doesn't list these.

80 24.23.170.219 http Nov 4 03:56:14
80 24.23.19.114 http Nov 4 03:13:24
80 24.23.170.219 http Nov 4 02:57:32
80 24.23.170.219 http Nov 4 02:57:29
80 24.23.170.219 http Nov 4 02:44:27
80 24.23.170.219 http Nov 4 02:08:54
80 24.23.170.219 http Nov 4 02:08:51
80 24.100.151.92 http Nov 4 02:01:11
80 24.100.151.92 http Nov 4 02:01:08
80 24.214.18.131 http Nov 4 00:57:24
80 67.164.189.42 http Nov 4 00:16:15
25 67.164.189.42 smtp Nov 4 00:16:14
110 67.164.189.42 pop3 Nov 4 00:16:14
21 67.164.189.42 ftp Nov 4 00:16:13
7 67.164.189.42 echo Nov 4 00:16:13
53 67.164.189.42 domain Nov 4 00:16:09
22634 24.254.60.19 unknown Nov 3 23:49:26
22634 24.254.60.19 unknown Nov 3 23:48:26
22634 24.254.60.19 unknown Nov 3 23:47:26
22634 24.254.60.19 unknown Nov 3 23:46:26
22634 24.254.60.19 unknown Nov 3 23:45:26
22634 24.254.60.19 unknown Nov 3 23:44:26
22634 24.254.60.19 unknown Nov 3 23:43:26
22634 24.254.60.19 unknown Nov 3 23:42:26
22634 24.254.60.19 unknown Nov 3 23:41:53
22634 24.254.60.19 unknown Nov 3 23:41:36
22634 24.254.60.19 unknown Nov 3 23:41:28
80 24.23.170.219 http Nov 3 23:39:37
80 24.51.8.166 http Nov 3 22:57:26
80 24.51.8.166 http Nov 3 22:57:23
80 24.23.170.219 http Nov 3 22:47:18
80 24.23.170.219 http Nov 3 22:47:15
21 80.11.127.241 ftp Nov 3 22:39:47
21 80.11.127.241 ftp Nov 3 22:39:41
80 24.23.19.114 http Nov 3 22:29:26
80 24.23.19.114 http Nov 3 22:29:23
80 24.23.170.219 http Nov 3 22:13:45
80 24.23.170.219 http Nov 3 22:01:43
80 24.23.170.219 http Nov 3 22:01:40
80 24.23.19.114 http Nov 3 21:30:41
80 24.23.19.114 http Nov 3 21:30:38
27374 24.19.71.108 Sub7 Nov 3 21:18:13
27374 24.19.71.108 Sub7 Nov 3 21:18:01
27374 24.19.71.108 Sub7 Nov 3 21:17:55
27374 24.19.71.108 Sub7 Nov 3 21:17:52
80 24.23.19.114 http Nov 3 20:44:14
80 24.23.19.114 http Nov 3 20:44:11
80 24.23.19.114 http Nov 3 20:34:55
80 24.23.19.114 http Nov 3 20:34:52
80 24.23.19.114 http Nov 3 20:18:01
80 24.23.19.114 http Nov 3 20:17:58
80 24.23.170.219 http Nov 3 20:17:05
80 24.23.170.219 http Nov 3 20:10:24
80 24.23.170.219 http Nov 3 20:10:22
34554 24.254.60.39 unknown Nov 3 20:01:40
80 24.23.170.219 http Nov 3 20:01:04
80 24.23.170.219 http Nov 3 20:01:02
34554 24.254.60.39 unknown Nov 3 20:00:40
34554 24.254.60.39 unknown Nov 3 19:59:40
34554 24.254.60.39 unknown Nov 3 19:58:40
34554 24.254.60.39 unknown Nov 3 19:57:40
34554 24.254.60.39 unknown Nov 3 19:56:40
34554 24.254.60.39 unknown Nov 3 19:55:40
34554 24.254.60.39 unknown Nov 3 19:55:02
34554 24.254.60.39 unknown Nov 3 19:54:43
34554 24.254.60.39 unknown Nov 3 19:54:33
53 202.138.113.150 domain Nov 3 19:54:12
53 202.138.113.150 domain Nov 3 19:54:06
53 202.138.113.150 domain Nov 3 19:54:03
27374 24.156.37.3 Sub7 Nov 3 19:42:12
27374 24.156.37.3 Sub7 Nov 3 19:42:06
27374 24.156.37.3 Sub7 Nov 3 19:42:02
80 24.23.19.114 http Nov 3 19:23:08
80 24.23.19.114 http Nov 3 19:23:05
111 211.112.143.2 sunrpc Nov 3 19:22:33
80 24.23.19.114 http Nov 3 19:21:11
80 24.23.19.114 http Nov 3 19:21:07
80 24.23.19.114 http Nov 3 19:11:52
80 24.23.19.114 http Nov 3 19:11:49
80 24.16.82.182 http Nov 3 16:25:40
80 24.16.82.182 http Nov 3 16:25:37
80 24.12.210.113 http Nov 3 15:50:57
80 24.12.210.113 http Nov 3 15:50:54
29319 24.254.60.33 unknown Nov 3 10:13:09
29319 24.254.60.33 unknown Nov 3 10:12:09
29319 24.254.60.33 unknown Nov 3 10:11:09
29319 24.254.60.33 unknown Nov 3 10:10:09
29319 24.254.60.33 unknown Nov 3 10:09:09
29319 24.254.60.33 unknown Nov 3 10:08:09
29319 24.254.60.33 unknown Nov 3 10:07:09
29319 24.254.60.33 unknown Nov 3 10:06:33
29319 24.254.60.33 unknown Nov 3 10:06:15
29319 24.254.60.33 unknown Nov 3 10:06:06
80 213.96.11.21 http Nov 3 09:52:33
515 157.238.46.30 printer Nov 3 08:15:20
515 157.238.46.30 printer Nov 3 08:15:17
111 211.100.18.45 sunrpc Nov 3 07:54:16
111 211.100.18.45 sunrpc Nov 3 07:54:13
80 24.234.87.155 http Nov 3 06:15:40
80 24.234.87.155 http Nov 3 06:15:37

Bonk
Bonkcyberabuse.org

================================================

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]