---- Original Message ----- From: "Christopher R. Hertel" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, October 28, 2002 10:24 PM Subject: RPC message service?
> A curious article: > > http://www.wired.com/news/technology/0,1282,55795,00.html > > It says that the Messenger Service Spammers are using port 135, which > means that they're not using regular WinPOPUP stuff (the <03> names on > port 139). I do, in fact, see connect attempts to port 135 in my home > firewall logs. (I think they should be called slimewalls.) > > I'm guessing that they're doing something RPC-related that has, basically, > the same effect. I'm just curious to know what it is... <snip> They are they are using Windows messenger.. net send <ip address> "message goes here" AFAIK Shaolin - IT Systems WB Ltd. .: http://www.security-forums.com :.
