[Dshield] Rise in version.bind scans?

Frank Knobbe frank at knobbe.us
Wed Jan 26 17:32:47 GMT 2005

On Sat, 2005-01-15 at 08:34 -0500, Joel Esler wrote:
> I've noticed @ work, and now at home that there seems to be an increase 
> in version.bind scans.  CHAOS? version.bind is the string (who hasn't 
> seen that before ;)  but there seems to be alot more of them than there 
> used to be.

The answer to this scan appears to be on the front page of today's ISC
(Internet Storm Center) diary ;)

Was this done by hackers in possession of a 0-day exploit, or perhaps
initiated by ISC (Internet Systems Consortium) to check what the level
of exposure is -- how many vulnerable versions are in the wild -- in
order to build a risk model that could further assist in the timing of
the patch release? Conspiracy theorists rejoice.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: This is a digitally signed message part
Url : http://www.dshield.org/pipermail/list/attachments/20050126/2a31c6ef/attachment.bin

More information about the list mailing list