RE: malicious scans

To: "Debian User List" <debian-user@lists.debian.org>
Subject: RE: malicious scans
From: "Jens Simmoleit" <simmel@anymotion.de>
Date: Wed, 19 May 2004 11:36:44 +0200
Message-id: <[🔎] AHEKLJMBOMKBNCOCJICPGEJJCKAA.simmel@anymotion.de>
In-reply-to: <[🔎] 20040518122001.B16211@humble>


<Let me word it this way, suppose I wanted to scan the above ports, and
<exploit any vulnerabilities found, and I didn't want to do it from my own
<machine, but rather by infecting someone else's, and I didn't know how to
do
<it myself, where would I look to find a premade programme that would do
this
<for me ?

<Any thoughts ?

<gerry


Hmh, your wording is confusing me a little bit? Do you mean, if there are
port scans on e.g. Port 445, how can I find out what could cause them and
which program is normally hooked up to this port?

Try this site http://ports.tantalo.net/index.php

Try it with 445, you'll see the "normal" programs/services for this port and
also listed e.g. (in RED) the Sasser worm..... is that what you meant?

Greets,
Simmel

P.S.: Combined with the previous urls you should have some material now I
guess :-)

Reply to:

References:
- Re: malicious scans
  - From: ghcbc@yahoo.com

Prev by Date: pgp signature attachements w/ cryptplug
Next by Date: RE: Back up a Windows box w/o Samba?
Previous by thread: Re: malicious scans
Next by thread: Re: OT: malicious scans
Index(es):
- Date
- Thread