[unisog] [UMBC NIDS] Wide Scan Summary (fwd)

Joe Matusiewicz joem at nist.gov
Tue Mar 26 14:48:49 GMT 2002


At 06:11 PM 3/25/02, Anderson Johnston wrote:

>Any idea why someone would scan port 60001?
>
>
>===================================================================================
>                             Scanners by Number of Target IP Addresses
>                             -----------------------------------------
>Scanner IP              # Targets               Ports                   Type
>-------------------     --------------          ----------- 
>-----------
>62.204.197.138          275                     60001                   SYN


Perhaps it's TFN2K traffic:

http://www.iss.net/security_center/alerts/advise43.php

Or Trinity:

http://www.simovits.com/trojans/tr_data/y1797.html

Or Stacheldracht:

http://lists.insecure.org/incidents/2000/Sep/0053.html


-- Joe



More information about the unisog mailing list