David,
Looks like it might be the "Hack'atack". I believe it uses 31785 TCP and
31789, 31791 UDP.
John
-----Original Message-----
From: Dave Gillett [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 30, 1999 8:09 PM
To: [EMAIL PROTECTED]
Subject: Port Number Use (trojan?)
Somebody recently scanned our address range using UDP; all packets had
source port #31790 and dest port #31789. That looks likely to be a
trojan,
but I don't recognize it as the default port numbers of any one I have
info
on. ANybody recognize it?
David G
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
