>> ingreslock 1524/tcp ingres >> ingreslock 1524/udp ingres > >For some reason, the script kiddie community has standardized on this >port as a backdoor for most automated attacks... Though the >vulnerabilities and tools are constantly changing, we have repeatedly >seen the use of 1524 as the backdoor. This is probably because new shellcode for buffer overflows is still difficult to write, so many exploit writers (and subsequently script kiddies) "cut and paste" the same shellcode over and over again. - Steve ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Jun 07 2002 - 10:42:17 PDT