Every single host (with one exception) that has scanned my host(s) that is currently up and responding has a wide variety of ports open (typically MS related ports, or 110, 80 and other common server ports with well known vulnerabilities). These include sun Cobalt Raq systems (infamous for poor security), Windows (several running kazaa, not sure if this is part of the infection, cause of infection, or totally unrelated), and the like. Nothing really surprising. Kurt Seifried, kurtat_private A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Feb 10 2003 - 19:51:41 PST