[unisog] echo and chargen
allen at rescomp.berkeley.edu
Wed Jan 22 01:34:55 GMT 2003
I would run a Nessus scan on those computers to check for blank passwords.
Or simply call up the students and ask them. We've seen many Windows 2k
computers compromised with all sorts of fun things running on different
Network Security Coordinator
On Tue, 21 Jan 2003, Mary M. Chaddock wrote:
> The machines with the ports open are student's computers located in their
> dorms. These are machines that did not have these ports open last month.
> There are quite a few of them. My firewall logs show there were several
> incoming connections _from_ port 7 on a udavis.edu computer. However,
> again, that is only one of many. There is a payload, and this does not
> appear to be a DoS.
> I'm suspecting P2P is involved somehow.
> Mary M. Chaddock, GSEC, GCUX
> Network Security Administrator
More information about the unisog