On Thu, 24 Oct 2002, Matt Harris wrote: > It seems unlikely that an automated process was scanning on port 23/tcp > for anything that would use the SSL libraries which had these problems. > As far as I know, no self-spawning trojan was ever created that would > even check port 22 - only port 443 would be affected at least by the > slapper worms I know of, since they relied 100% on an SSL-enabled web > server. Several worms are still out here that hunt for several unprotected ports. Most of them are rare now but at least one was very good into staliking and breking Cobalt Cubes and default Red Hat Linux machines. It mostly obvious by the webpage shown that the user was not really aware of the installed services as they were the distro default. Hugo. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Oct 25 2002 - 16:21:28 PDT