On Mon, 11 Mar 2002 Paulo.Sedrezat_private wrote: > 3049 is the CFS - Cryptografic File System - service port. Those scans are > probably probing for some weak - or absent - password for a file system. What I'm looking at is a virus that was posted to vuln-dev last week: http://online.securityfocus.com/archive/82/259719 I realize that 3049 is used for CFS, but what I'm looking for is a specially-formatted UDP packet that is designed to send commands to the backdoor this virus installs. Ryan ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Mar 11 2002 - 11:06:30 PST