I too am seeing a huge leap in the amount of portmap probes I am seeing at home on a cable network. In the 4 hours I have seen 8 probes to 111. From what I can see just from my own data here is that they are all Linux and are all running every service under the sun. It could be someone out their gaining more traction with one of the Linux worms we have all seen lately or it could be a new variant although I doubt it's payload contains a new exploit (for a formerly unknown vuln). 5 of the eight hosts were in Korea, everyone has been notified. VP Engineering SecurityFocus.com "Vae Victis"
This archive was generated by hypermail 2b30 : Thu Apr 19 2001 - 07:26:06 PDT