Yeah, actually, they probably arn't trying to exploit that. In fact, SecurityFocus is a little confused about the difference between that and my new DoS's, (plonk and the netbios kernel leak), which are 2 other completely different things. There's no point in scanning for them though. If you were going to use them, you'd just use them. :> -dave On 20 Feb 2003 21:12:04 -0000 Kevin Patz <jambo_catat_private> wrote: > > > Starting in late October 2002, I've been seeing > occasional scans on TCP port 135 on my box. I also > see UDP scans on this port, and I know these are > Windows Messenger spam attempts, but I am wondering > what the TCP scans are for. > > Could they be attempting to exploit > this: "Vulnerability: RPC Service DoS (port 135/tcp) > on Windows 2000 SP3" which I read about here: > > http://www.securityfocus.com/archive/1/296114 > > Is it this, or could it be something else? Is it > possible to send Messenger spam via TCP/135? > > KJP > > --------------------------------------------------------------------- > ------- > > Do you know the base address of the Global Offset Table (GOT) on a > Solaris 8 box? > CORE IMPACT does. > www.securityfocus.com/core > > > ---------------------------------------------------------------------------- Do you know the base address of the Global Offset Table (GOT) on a Solaris 8 box? CORE IMPACT does. www.securityfocus.com/core
This archive was generated by hypermail 2b30 : Fri Feb 21 2003 - 15:41:46 PST