Port 901
This is a discussion on Port 901 within the Linux Security forums, part of the System Security and Security Related category; On Sun, 19 Oct 2003 03:35:09 GMT, Mungo <no_spammail@not.spam> wrote: >Observing an increase ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
10-19-2003
|
|||
|
|||
Port 901
On Sun, 19 Oct 2003 03:35:09 GMT, Mungo <no_spammail@not.spam> wrote:
>Observing an increase in Port 901 (Samba-Swat) probes eminating from >(mostly U.S.) cable and dsl boxen. Since the packets are stopped at the >border router, I have no idea of what is in them. > >We saw the same thing on 9-15 and 9-25, then they went away. > >If the increased traffic persists, I might sample a few tomorrow or Monday >and see if the fingerprint looks new. Sounds like someone could be testing >a new exploit. > >Meanwhile, it goes without saying that everyone running Samba should make >sure Port 901 is firewalled off. I've noticed this too, except that a lot seem to be coming from Korea. I've started capturing them so as to try to tell if they're Net Devil or Samba attacks. Sponge Sponge's Secure Solutions www.geocities.com/yosponge My new email: yosponge2 aat yahoo dott com 
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 04:44 AM.
