[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: what attack is this ?



Itamar S.-T. writes:

 > > my firewall logs show someone (192.114.175.59:1117)
 > > that sent udp packets to all our computers to
 > > ports 22 and 5632.
 > > i know port 22 is for ssh, but is it udp or tcp ?
 > > i have no idea about port 5632 though.
 > 
 > While we're at, where can I find a more complete resource of ports than
 > /etc/services?  My firewall denies all kinds of interesting things, of which I
 > recognize only BO at 31337.

Download the "strobe" port scanner, it comes with a very elaborate
services file.


--
Alex Shnitman
alexsh@linux.org.il   UIN 188956
http://alexsh.home.ml.org  --  PGP key here
http://www.debian.org  --  and the OS here