[unisog] Scans on tcp/41523
shirkdog_list at hotmail.com
Mon Feb 14 22:26:50 GMT 2005
CA BrightStor ARCServer has several vulnerabilities and one of them uses TCP
>From: Keith Schoenefeld <schoenk at utulsa.edu>
>Reply-To: UNIversity Security Operations Group <unisog at lists.sans.org>
>To: unisog at lists.sans.org
>Subject: [unisog] Scans on tcp/41523
>Date: Mon, 14 Feb 2005 09:39:36 -0600
>I'm not sure what's going on yet, but I've started picking up a
>reasonably large number of scans on port tcp/41523 from off campus. The
>Internet Storm Center at SANS (isc.sans.org) has a cool tool where you
>can look up a port and see if other people are picking up scans on
>specific ports. On Feb. 12th, there were 144 total scans reported to
>isc on port 41523. For today, and total of 46,000 scans had been
>reported (a 31,844% increase if my math is correct). Something is up.
>Anyone know of any new worm that creates a backdoor on tcp/41523?
>Manager of College Computer Services
>College of Engineering and Natural Sciences
>The University of Tulsa
>unisog mailing list
>unisog at lists.sans.org
FREE pop-up blocking with the new MSN Toolbar get it now!
More information about the unisog