[unisog] Windows 2000 break-ins

Arnold, Jamie harnold at binghamton.edu
Fri Sep 6 14:03:57 GMT 2002


Duke has a decent description of the IRC XDCC thingie..

http://security.duke.edu/cleaning/xdcc.html

-----Original Message-----
From: Chris Wilson [mailto:chrisw at nipissingu.ca] 
Sent: Friday, September 06, 2002 9:24 AM
To: jeff01 at email.unc.edu; flynngn at jmu.edu
Cc: unisog at sans.org
Subject: Re: [unisog] Windows 2000 break-ins


A quick question reguarding XDCC traffic. What port(s) are typicaly used for
XDCC

And we have noticed a sudden(rather large) jump in out incoming prot 80
traffic (top 10 users are using 40%+  of our resnets bandwidth. Does anyone
know of something new on port 80 that is a bandwidth hog(prehaps a new P2P)



Christopher Wilson EET
University Technical Services
Nipissing University

chrisw at mail.nipissingu.ca
Tel: (705) 474 3450  ext 4377
Fax: (705) 474 1947



More information about the unisog mailing list