[Dshield] Is there any malicious activity at the macrumours.com address?

Adam Mooz adam.mooz at gmail.com
Fri Jun 26 15:31:32 GMT 2009


On Fri, Jun 26, 2009 at 8:19 AM, Robert
Greenough<robert.greenough at gmail.com> wrote:
> Hi Adrian,
>
> The site isn't listed as malicious by Google, McAfee, or Symantec (take that
> as you will...grain of salt perhaps?).  There is a redirection to
> macrumours.com:81 but no malware that I can see.
>
> Bob
>
> On Thu, Jun 25, 2009 at 3:22 PM, Adrian Hawkins <Adrian.Hawkins at bi-lo.com>
> wrote:
>>
>> Hi all,
>>
>> I'm a noob to this list, as well as security. That is why I am asking you
>> knowledgeable folks.
>>
>> I was trying to get to the site macrumors.com last night, but typed in
>> macrumours.com instead. As soon as I went there, my firewall alerted me
>> that the site was trying to access port 81. I closed the window as soon as
>> I could. I'm running the No Script Firefox extension. I did a virus scan
>> to
>> be safe. It didn't return anything, but I'm still worried.
>>
>> Could a computer be compromised by visiting that site? Does it look to be
>> distributing any malware? I appreciate any help.
>>
>>
>> ADRIAN
>>
>> _______________________________________________
>> Dshield mailing list
>> Dshield at lists.sans.org
>> To change your subscription options (or unsubscribe), see:
>> https://lists.sans.org/mailman/listinfo/list
>
>
> _______________________________________________
> Dshield mailing list
> Dshield at lists.sans.org
> To change your subscription options (or unsubscribe), see:
> https://lists.sans.org/mailman/listinfo/list
>
>

>From this site: http://www.grc.com/port_81.htm

Description:
We have no idea what this port's historical use was, and neither,
apparently, does anyone else. It is listed (as shown above) on
everyone's "port list", but no further information is ever offered.

Its current use, and its importance today, is due to is adjacency to
the super-popular "http" world wide web port 80. Sometimes an "off the
beaten path" web server will be established to listen not to port 80,
but to an alternate related port such as 81, 82, 8080, or 8090.
(Related by proximity or appearance.) So port 81 is only noteworthy
today because it is a neighbor to port 80 and is sometimes used, as an
adjunct or alternative, in the same way.



More information about the Dshield mailing list