[unisog] Scans on tcp/41523

M. Shirk shirkdog_list at hotmail.com
Mon Feb 14 22:26:50 GMT 2005

CA BrightStor ARCServer has several vulnerabilities and one of them uses TCP 
port 41523

And also



>From: Keith Schoenefeld <schoenk at utulsa.edu>
>Reply-To: UNIversity Security Operations Group <unisog at lists.sans.org>
>To: unisog at lists.sans.org
>Subject: [unisog] Scans on tcp/41523
>Date: Mon, 14 Feb 2005 09:39:36 -0600
>I'm not sure what's going on yet, but I've started picking up a
>reasonably large number of scans on port tcp/41523 from off campus.  The
>Internet Storm Center at SANS (isc.sans.org) has a cool tool where you
>can look up a port and see if other people are picking up scans on
>specific ports.  On Feb. 12th, there were 144 total scans reported to
>isc on port 41523.  For today, and total of 46,000 scans had been
>reported (a 31,844% increase if my math is correct).  Something is up.
>Anyone know of any new worm that creates a backdoor on tcp/41523?
>-- KS
>Keith Schoenefeld
>Manager of College Computer Services
>College of Engineering and Natural Sciences
>The University of Tulsa
>unisog mailing list
>unisog at lists.sans.org

FREE pop-up blocking with the new MSN Toolbar – get it now! 

More information about the unisog mailing list