[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: new exploit - ping/137/27374 ?

On Fri, Jun 29, 2001 at 02:30:19PM -0500, JonesMB wrote:
> is there a new exploit script that starts with a ping, followed by attempts
> at connecting to port 137, followed by 27374.  I have seen a big increase
> in this in my ipchains logs this week.  I have also noticed that attempts
> at port 111 have almost disappeared.
> jmb
> PS - before any educates me on the port numbers being used in the attempts,
> I know that 111 is for RPC exploits, 137 is for Netbios SMB and 27374 is
> for SubSeven.

It's probably some l33t script kiddie tool that checks for both attacks.

Daniel Stone						     <daniel@sfarc.net>
<Nuke> "can NE1 help me aim nuclear weaponz????? /MSG ME!!"

Reply to: