On 7 Apr 99, at 10:31, rand hall wrote:
> Recently we've had a lot of probing on ports 31337 & 31338.
>
> Any idea on what that might be?
31337 is the default port for Back Orifice. Some "script kiddie" is
hoping that someone a bit more capable has already gotten Back Orifice
installed on your system, and left it with the default port settings so
anyone can play. [Actual odds of finding such a system seem, to me,
rather remote, unless your site is both totally insecure and utterly
uninteresting....]
I recommend reporting this to the originating ISP. Either one of
their customers has been hacked (and probably doesn't know it), or one
of their users is starting to play with hacking tools and may graduate
to become a more serious threat if they're just ignored.
David G
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
