Any W2K or later OS from Microsoft (except maybe .NET server) installs with that port open. It's not specific to XP. It was added to W2K as a NetBIOS -135/139 replacement. * Jim Harrison MCP(NT4/2K), A+, Network+ Services Platform Division The burden of proof is not satisfied by a lack of evidence to the contrary.. -----Original Message----- From: Thomas Cannon [mailto:tcannonat_private] Sent: Friday, August 09, 2002 9:54 AM To: Rob Keown Cc: 'Russell Fulton'; incidentsat_private Subject: RE: large scale distributed scan of port tcp 445 On Thu, 8 Aug 2002, Rob Keown wrote: > That is MS-DS as I recall. I don't see anything in my logs but dshield > has the port with a huge spike of targets, with low sources on 7/28. > http://isc.incidents.org/port_details.html?port=445 It was ranked 4th > on that day. > > Cannot recall any exploits on this port or service. > > Anyone know of any exploits on this? I didn't know any, but this might be something to consider, if nothing else: http://www.sygate.com/alerts/XP_default_TCP445_open.htm Cheers, -tcannon > > Rob Keown > > > > ---------------------------------------------------------------------- > ------ > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > "No brain, no headache" ------------------------------------------------------------------------ ---- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Aug 09 2002 - 12:29:09 PDT