>does is listen on port5000 to? 2 attempts we seen come from machines >nmap'd below - wonder if its what you talking about - we think they >being used as proxy to jump from
port 5000 is open on only XP w/pnp enabled, however this helps identify XP from 2k and allows a good guess as to which OS is running. ( for proper targeting ) cheers, mw _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
