[41972] in bugtraq


What is sbininitd port 65534 ???

daemon@ATHENA.MIT.EDU (waltdnes@waltdnes.org)
Thu Jan 5 20:12:59 2006

From: waltdnes@waltdnes.org
Date: Wed, 4 Jan 2006 23:22:36 -0500
To: Bugtraq list <bugtraq@securityfocus.com>
Message-ID: <20060105042236.GA15481@waltdnes.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

  I've seen graphs on the sans.org site indicating that traffic on this
port has seen a major rise.  It sounds like something linux might be
vulnerable to.  I've tried finding out what gives, but neither Google
nor the major security sites I've tried show any hits for "sbininitd",
other than to note that port 65534 is used by the sbininitd trojan.

  My ADSL-modem-cum-router blocks unsolicited traffic by default.  I've
put in a specific packet-filter rule to block the port for now, but I'd
really like to know what I'm up against, and more info on protection.

-- 
Walter Dnes <waltdnes@waltdnes.org> In linux /sbin/init is Job #1
My musings on technology and security at http://tech_sec.blog.ca
