Re: port 22224?? What the heck

From: John Campbell (jcampbellat_private)
Date: Fri Jan 25 2002 - 13:03:46 PST

Next message: Boyan Krosnov: "RE: DDoS attack."

Previous message: Chris Keladis: "Re: Strings of 'EEEE' in pings..."
Maybe in reply to: Gary Baribault: "port 22224?? What the heck"
Next in thread: Baribault, Gary: "Re: port 22224?? What the heck"
Reply: Baribault, Gary: "Re: port 22224?? What the heck"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Cisco supports Hoot and Holler protocol for their Voice over IP (VOIP)
technology.  A couple of documents on their site show sample configurations
for this protocol using port 22224.  If someone implemented Hoot and Holler
using these 'canned' configurations, they might have set it up with the same
ports.  Or, an attacker might be probing for machines that might be so
configured.

Just a shot.

John Campbell, GCWN
Information Security Engineer
Washington School Information Processing Cooperative (WSIPC)
E-mail: jcampbellat_private


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Boyan Krosnov: "RE: DDoS attack."
Previous message: Chris Keladis: "Re: Strings of 'EEEE' in pings..."
Maybe in reply to: Gary Baribault: "port 22224?? What the heck"
Next in thread: Baribault, Gary: "Re: port 22224?? What the heck"
Reply: Baribault, Gary: "Re: port 22224?? What the heck"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jan 25 2002 - 14:01:25 PST