[Dshield] Mydoom, Navarg, Sco what ever
DavidHart at TQMcube.com
Tue Jan 27 15:06:53 GMT 2004
On Tue, 2004-01-27 at 09:56, Johannes B. Ullrich wrote:
> Yes, the infected host will show an open port 3127 with nmap.
This rr host is clearly infected. No 3127
PORT STATE SERVICE VERSION
135/tcp filtered msrpc
136/tcp filtered profile
137/tcp filtered netbios-ns
138/tcp filtered netbios-dgm
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
VERIZON has verified Einstein's observation:
"Only two things are infinite, the universe and
human stupidity, and I'm not sure about the former."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.dshield.org/pipermail/list/attachments/20040127/8e7503b1/attachment.bin
More information about the list