> last week, the targeted systems, which reside on roadrunner cablemodem ... > anybody else seen an increase in morpheus/kazaa scans, or have any insight > into the reasons (new vuln scanning tool, new morpheus/kazaa exploits, > etc)? As noted on bugtraq, accessing a Morpheus/Kazaa user directly via port 1214 bypasses the clients built-in limitations on the number of concurrent downloads. If your on a large cable provider, your most likely just getting scanned by kids looking for music and movies. This would explain the .gov and .edu sources also. Blackhats do read the securityfocus lists too. -Mike Damm ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Feb 11 2002 - 16:27:37 PST