RE: Port UDP 3049

From: Paulo.Sedrezat_private
Date: Mon Mar 11 2002 - 04:17:42 PST

Next message: Patrick Andry: "Re: SMTP Probe/Attack?"

Previous message: Keith T. Morgan: "HTTPS scans"
In reply to: Ryan Russell: "Port UDP 3049"
Next in thread: Ryan Russell: "RE: Port UDP 3049"
Reply: Ryan Russell: "RE: Port UDP 3049"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 09-Mar-2002 Ryan Russell wrote:
> I'm looking at some backdoor code that listens on UDP 3049.  I can see
> through ARIS TMS that a number of users have recoded scans for that port.

3049 is the CFS - Cryptografic File System - service port. Those scans are
probably probing for some weak - or absent - password for a file system.

-----
Paulo F. Sedrez
Diretor de Tecnologia
Weavers Network Consulting      Tel/Fax: +55-21-2239-3190
http://www.weavers.com.br       Paulo.Sedrezat_private
--------------------------
Thought of the day:

The law will never make men free; it is men who have got to make the law
free.
                -- Henry David Thoreau


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Patrick Andry: "Re: SMTP Probe/Attack?"
Previous message: Keith T. Morgan: "HTTPS scans"
In reply to: Ryan Russell: "Port UDP 3049"
Next in thread: Ryan Russell: "RE: Port UDP 3049"
Reply: Ryan Russell: "RE: Port UDP 3049"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Mar 11 2002 - 10:48:47 PST