Actually, AIX does use port 2401 for an AIX-specific service, writesrv. Yes, it is in conflict with the assigned number for cvspserver. They're not the first vendor to do that, and they won't be the last. It does require disabling the writesrv service before running a CVS pserver on AIX. (Not that awkward, and not that hard to identify as the reason your pserver won't start. But still an extra step.) I agree it probably does make more sense for it to be a search for CVS servers than for AIX systems, though. =Dave Sevo Stille wrote: > > axess wrote: > > > 2401/tcp cvspserver > > > > This port is used by AIX > > > I'd be surprised if it were - it would make anon-cvs rather awkward to > run on AIX, and that probably would have made it into public knowledge. > This is the default port for CVS servers, anon included. And the number > of the latter alone will probably outnumber the count of open AIX > systems on the net by a magnitude or more... > > I'd expect 2401 scans to look for CVS rather than AIX. Have any new CVS > exploits cropped up? Of course, people might just be looking for open > accounts or public access to private archives... -- Hello World. David Bronder - Systems Admin Segmentation Fault ITS-SPA, Univ. of Iowa Core dumped, disk trashed, quota filled, soda warm. david-bronderat_private ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Aug 27 2001 - 12:49:02 PDT