Re: port 22224?? What the heck

From: Baribault, Gary (garyat_private)
Date: Sat Jan 26 2002 - 10:26:06 PST

  • Next message: Bugtraq Mailing Lists: "Re: DDoS attack."

    If it's that, then I would bet on someone trying to hack their way into a 
    VOIP gateway .. was there some default password at install time? I will 
    look into this Hoot & Holler.. One of my guys at the office works a lot 
    with Cisco VOIP.
    
    Thanks
    
    Gary B
    
    At 01:03 PM 1/25/2002 -0800, you wrote:
    >Cisco supports Hoot and Holler protocol for their Voice over IP (VOIP)
    >technology.  A couple of documents on their site show sample configurations
    >for this protocol using port 22224.  If someone implemented Hoot and Holler
    >using these 'canned' configurations, they might have set it up with the same
    >ports.  Or, an attacker might be probing for machines that might be so
    >configured.
    >
    >Just a shot.
    >
    >John Campbell, GCWN
    >Information Security Engineer
    >Washington School Information Processing Cooperative (WSIPC)
    >E-mail: jcampbellat_private
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Sun Jan 27 2002 - 20:04:55 PST