[EMAIL PROTECTED] writes: > I recently ran a Nessus scan (safe mode) against a single host > (Solaris) and noticed a TCP 58434 > 23005 [ACK] out of the blue from > 226.4.3.90, which of course does not exist on my test LAN.
What you saw is sent by spank.nasl; Solaris is vulnerable, BTW. No reason to worry much, the only impact I could imagine is some kind of stealth scan. > Is this expected from say the "trojans" plug-in, to check for the > NetTrash backdoor? Forget the ports, they are random > If so, why the particular masqueraded IP? It is not masqueraded: 226.4.3.90 is a multicast address. _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
