Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
From: Lindsey Simon <lsimon@auschron.com>
Date: Thu, 5 Apr 2001 13:31:31 -0500
Message-id: <20010405133131.J1512@bella.auschron.com>
In-reply-to: <3.0.6.32.20010405124057.00caf100@arthem.com>; from jonesmb@arthem.com on Thu, Apr 05, 2001 at 12:40:57PM -0500
References: <3.0.6.32.20010405121217.00c8d100@arthem.com> <20010405164810.D8923@finlandia.infodrom.north.de> <3.0.6.32.20010405121217.00c8d100@arthem.com> <20010405193348.P32713@agisphere.com> <3.0.6.32.20010405124057.00caf100@arthem.com>

I've been wondering why I get so many probes on port 53, what's the popular exploit on it?

JonesMB in message Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed (Thu, 04/05 12:40):

> >>I guess we should expect a whole lot of attempts to connect to the ports
> >>used by NTP once the script kiddies figure this one out.
> >> 
> >>I probably average about 20 connect attempts to ports 53 and 111 every day.
> >
> >port 137 has also a good average.
> 
> oh yeah, I forgot about that one, along with 27374.
> 
> jmb
> 
> 
> --  
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
  - From: Nathan E Norman <nnorman@micromuse.com>
- Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
  - From: "Noah L. Meyerhans" <frodo@morgul.net>
- Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
  - From: "Eric N. Valor" <eric.valor@lutris.com>

References:
- Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
  - From: JonesMB <jonesmb@arthem.com>
- Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
  - From: Philippe BARNETCHE <barnetch@agisphere.com>
- Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
  - From: JonesMB <jonesmb@arthem.com>

Prev by Date: Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
Next by Date: Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
Previous by thread: Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
Next by thread: Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
Index(es):
- Date
- Thread