I'm somewhat new to this group, but what do you mean when you say you "did a port 80 walk"? -Wes -----Original Message----- From: Manuel Fernandes [mailto:manuelfat_private] Sent: Wednesday, May 14, 2003 6:40 PM To: 'Maciej Bogucki'; 'Aaron Cheek'; incidentsat_private Subject: RE: tcp/554 scans My thoughts: something interesting I found was that Microsoft's Media Server 9 supposedly runs on Cougar/9.00.00.3352 --- not confirmed yet. However, that server had some old vulnerabilities which might still be accessible. Perhaps users are trying to use RTSP to create havoc or snoop around if you have some kind of streaming going on. Off topic: I did a port 80 walk and found out some old stuff http://x.x.x.x/%3CSCRIPT%3Ealert%28document%3EURL%29%3C/SCRIPT%3E/ http://x.x.x.x/.ns4/../winnt/win.ini http://x.x.x.x/.HTACCESS. --> Manuel -----Original Message----- From: Maciej Bogucki [mailto:maciej.boguckiat_private] Sent: Wednesday, May 14, 2003 4:57 AM To: Aaron Cheek; incidentsat_private > I received a sequential tcp/554 scan of one of my > Class Cs. Me too. > > AFAIK tcp/554 is rtsp (Real Time Streaming Protocol). > Any known vulns in rtsp? Any other known guys sleeping > on that port? Anyone seeing this? See: http://www.securityfocus.org/bid/7020 http://www.hack.co.za/download.php?file=586 Best Regards Maciej Bogucki ------------------------------------------------------------------------ ---- *** Wireless LAN Policies for Security & Management - NEW White Paper *** Just like wired networks, wireless LANs require network security policies that are enforced to protect WLANs from known vulnerabilities and threats. Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs. To get your FREE white paper visit us at: http://www.securityfocus.com/AirDefense-incidents ------------------------------------------------------------------------ ---- ------------------------------------------------------------------------ ---- *** Wireless LAN Policies for Security & Management - NEW White Paper *** Just like wired networks, wireless LANs require network security policies that are enforced to protect WLANs from known vulnerabilities and threats. Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs. To get your FREE white paper visit us at: http://www.securityfocus.com/AirDefense-incidents ------------------------------------------------------------------------ ---- ---------------------------------------------------------------------------- *** Wireless LAN Policies for Security & Management - NEW White Paper *** Just like wired networks, wireless LANs require network security policies that are enforced to protect WLANs from known vulnerabilities and threats. Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs. To get your FREE white paper visit us at: http://www.securityfocus.com/AirDefense-incidents ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Fri May 16 2003 - 11:57:33 PDT