[Dshield] Scans on port 3659?
brblueser at uol.com.br
Fri Nov 8 19:58:32 GMT 2002
thks for replying, please refer to my last post with updated info.
On Fri, 8 Nov 2002 11:24:31 -0800
"ALEPH0" <aleph0 at pacbell.net> wrote:
> Do a netstat. The "-p" option (under linux) will give you PIDs and
> program names for your listeners. If you aren't listening on that
> port, it might be yet another trojan port that someone is trawling for
> -----Original Message-----
> From: list-admin at dshield.org [mailto:list-admin at dshield.org]On Behalf
> Of Ed Truitt
> Sent: Friday, November 08, 2002 9:47 AM
> To: list at dshield.org
> Subject: Re: [Dshield] Scans on port 3659?
> Have you tried running the netstat command to see if you have anything
> listening on that port? If you don't have something listening, then
> it is probably not legit traffic. If you do, then you need to look at
> what it is and determine if it is legit or not.
> Port 3659 is not assigned according to IANA.
> Ed Truitt
> PGP fingerprint: 5368 D25E 468C A250 9833 CCD6 DBAE 9C25 02F9 0AB9
> "Note to spammers: my 'delete' key is connected to YOUR ISP.
> Also, if you send me UCE, I reserve the right to post your spew
> on my Web site, with the appropriate color commentary, so that
> others may have a good laugh at your expense."
Andre Oliveira da Costa
More information about the list