I believe this might be part of a script doing the rounds. It first looks for an open 1524/tcp port and follows it with an access to port 6112/tcp (dtspcd). Antonio > -----Original Message----- > From: High Speed [mailto:at_high_speedat_private] > Sent: Wednesday, June 05, 2002 8:18 AM > To: incidentsat_private > Subject: increase of scans against port 1524 > > > Hi, > > last 2 days I noticed an increased scan against port 1524 > > ingreslock 1524/tcp ingres > ingreslock 1524/udp ingres > > Are there known issues with this port ? > Recently found vulnerabilities ? > > thanks > > HS > > > _________________________________________________________________ > Send and receive Hotmail on your mobile device: http://mobile.msn.com > > > ------------------------------------------------------------------ > ---------- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Jun 05 2002 - 10:36:09 PDT