Re: Port 6346 scans ?
On Tue, Jul 24, 2001 at 12:21:13AM -0500, Phil Brutsche wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> A long time ago, in a galaxy far, far way, someone said...
>
> > I have a large supply of connection attempts to port 6346? Anybody have
> > a clue about these? DOS attack (several per second)? Or some other
> > 'sploit? I couldn't find any reference to this port via CERT.
> >
> > (seems whomever has given up for now...)
>
> TCP port 6346 is used by the Gnutella person-to-person file sharing
> software. The most likely reasons why you're getting these connections
> would be:
> * Someone who once had your IP number ran Gnutella
> * Someone mistyped an IP number in their Gnutella client
Ahh. Thanks for the clarification. Probably was number 1 as I'm on
dial-up (the connection attempts came from several different IP
addresses ...).
> Whether you want to call it a DoS attack is up to you :)
Well, certainly someone got denied service ;)
--
Eric G. Miller <egm2@jps.net>
Reply to: