[47746] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

New SubSeven outbreak?

daemon@ATHENA.MIT.EDU (Jeff Workman)
Sun May 12 10:34:01 2002

Date: Sun, 12 May 2002 10:33:06 -0400
From: Jeff Workman <jworkman@pimpworks.org>
To: nanog@merit.edu
Message-ID: <79210000.1021213986@kyle>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Errors-To: owner-nanog-outgoing@merit.edu


All,

I have seen 6 portscans looking for SubSeven on a /24 in the past 24 hours. 
It'd been a while since I had seen *any*, now I'm seeing all these.  Is 
this a new outbreak/vulnerability, or have I just been lucky?  Has anybody 
else seen an increase in scans on tcp port 27374?

I scanned through BugTraq and didn't see any mention of anything there.

-J

--
Jeff Workman | jworkman@pimpworks.org | http://www.pimpworks.org

home help back first fref pref prev next nref lref last post