[PLUG] Isn't this a lot of ports to have open?
Michael Montagne
montagne at boora.com
Wed Sep 11 16:06:12 UTC 2002
>On 11/09/02, from the brain of Mike De La Mater tumbled:
> No, it's the weirdest- No Windows on the PC at all. Nothing
> to run an exe in sight.
>
> I've done a bit more research, and downloaded a tool to find
> the RSTb worm. I don't get a hit on the rstb_detector,
> claiing it doesn't have that one.
>
> I NEVER read e-mail or d/l files from that PC, it's a server,
> not a workstation.
>
> I'm wondering if it's related to the front page stuff I've
> got running on it. Maybe that cr__ has the ability to get
> infected on it's own...
>
> Mike
>
>
> 9/11/02 7:20:38 AM, Sandy Herring <sandy at herring.org> wrote:
> Mike,
>
> 54320/tcp open bo2k
> 54321/udp open bo2k
>
> ..are also Back Orifice. Is this a dual-boot w/Windows?
I once installed portsentry and it made it look like I had open ports
like this. I didn't like that cause it seemed to call attention to
myself in the wrong circles. Even if they were all simply traps by
portsentry, I didn't want to attract any undue attention.
--
Michael Montagne [montagne at boora.com] 503.226.1575
--
More information about the PLUG
mailing list