Re: Re : Large scale scan of port 2401

From: Sevo Stille (sevoat_private)
Date: Fri Aug 24 2001 - 05:40:03 PDT

Next message: Avleen Vig: "Re: Smurf Broadcast DoS attack"

Previous message: Michal Nazarewicz: "RE: Code Red - A Possible Origin?"
In reply to: axess: "Re : Large scale scan of port 2401"
Next in thread: David Bronder: "Re: [incidents] Re: Re : Large scale scan of port 2401"
Reply: David Bronder: "Re: [incidents] Re: Re : Large scale scan of port 2401"
Reply: axess: "Re: Re : Large scale scan of port 2401"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

axess wrote:

> 2401/tcp  cvspserver
> 
> This port is used by AIX

I'd be surprised if it were - it would make anon-cvs rather awkward to 
run on AIX, and that probably would have made it into public knowledge. 
This is the default port for CVS servers, anon included. And the number 
of the latter alone will probably outnumber the count of open AIX 
systems on the net by a magnitude or more...

I'd expect 2401 scans to look for CVS rather than AIX. Have any new CVS 
exploits cropped up? Of course, people might just be looking for open 
accounts or public access to private archives...

Sevo

-- 
Sevo Stille
sevoat_private

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Avleen Vig: "Re: Smurf Broadcast DoS attack"
Previous message: Michal Nazarewicz: "RE: Code Red - A Possible Origin?"
In reply to: axess: "Re : Large scale scan of port 2401"
Next in thread: David Bronder: "Re: [incidents] Re: Re : Large scale scan of port 2401"
Reply: David Bronder: "Re: [incidents] Re: Re : Large scale scan of port 2401"
Reply: axess: "Re: Re : Large scale scan of port 2401"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Aug 24 2001 - 12:36:56 PDT