[Dshield] Microsoft ASN.1

Paul Marsh pmarsh at nmefdn.org
Wed Feb 11 16:17:45 GMT 2004


John:

  OK now I'm even more concerned >>>>80<<<<  

  Any idea what the probe is going to look like, where did you find this
info?

Thanx, Paul 

> -----Original Message-----
> From: Lauro, John [mailto:jlauro at umflint.edu] 
> Sent: Wednesday, February 11, 2004 10:52 AM
> To: General DShield Discussion List
> Subject: RE: [Dshield] Microsoft ASN.1
> 
> >From what I read....  Far more then that...
> 
> Don't forget 80, 443, 220, 23 (yes, NTLM over telnet if you 
> run telnet server on windows), protocol 47 (VPN), etc...  And 
> this still is still just scratching the surface of the list...
> 
> > -----Original Message-----
> > From: list-bounces at dshield.org
> > [mailto:list-bounces at dshield.org] On Behalf Of Paul Marsh
> > Sent: Wednesday, February 11, 2004 10:28 AM
> > To: list at dshield.org
> > Subject: [Dshield] Microsoft ASN.1
> > 
> > 
> > I'm sure everyone has been reading the emails regarding ASN.1.  I'm 
> > concerned that eEye is giving out way too much information. 
>  I'm sure 
> > all the script kiddies are waiting with much anticipation 
> for someone 
> > (a real coder) to release the exploit in an easy to use 
> package.  From 
> > what I've read it looks like scanning should take place on 
> UDP/88 and 
> > TCP/135, 139 and 445.  I know this is premature but are 
> these the only 
> > port that are vulnerable?  Anyone what to take a guess as 
> to what the 
> > probes are going to look like?  And when?  I'd love to see 
> some of the 
> > underground chatter on this one. I'd like see how close the 
> blackhats 
> > are to creating a workable model.
> > 
> > Thanx, Paul
> > 
> > _______________________________________________
> > list mailing list
> > list at dshield.org
> > To change your subscription options (or unsubscribe), see: 
> > http://www.dshield.org/mailman/listinfo/list
> > 
> 
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see: 
> http://www.dshield.org/mailman/listinfo/list
> 




More information about the list mailing list