I thought port 31337 was commonly used as the default port for the Back Orrifice trojan which is why i thought a lot of isps filter the port. but i may be wrong. Chris Barnes System Operations RAMS Home Loans Pty Ltd -----Original Message----- From: SMB [mailto:[EMAIL PROTECTED]] Sent: Monday, 10 September 2001 4:53 PM To: SLUG Subject: Re: [SLUG] [OT] nmap states i don't want to be rude/mean/bad or anything else, but, besides port 421 which i never really looked up before, port 31337 is the port for an IRC bouncer, and 12345 and 12346 look terribly like a rootkit backdoor. might help if you check these out... just as Jeff said, ... *bounce*bounce*bounce* SMB ----- Original Message ----- From: Jeff Waugh <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, September 10, 2001 10:41 AM Subject: Re: [SLUG] [OT] nmap states > <quote who="Daron Barndon"> > > > Does anyone know how accurate the "filtered" state of nmap is? I have been > > scanning some servers (NT & Linux) and many of them seem to be coming up > > with ports 421,12345,12346 & 31337 as "filtered". :-( > > You're scanning from the outside, behind the ISP? > > A lot of ISPs filter these ports, as they're usually associated with naughty > services. :) > > - Jeff > > -- > ... *bounce*bounce*bounce* > > -- > SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ > More Info: http://lists.slug.org.au/listinfo/slug -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug Searching for "A Better Way" to a home loan ?. Call RAMS on 13 7267, or go to http://www.rams.com.au The e-mail and any attachments may contain confidential information. If you receive it in error you must not use or disclose the information. You must tell us and delete it. We do not waive any legal privilege by sending it. RAMS does not promise that the email is free from virus defect or error. -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
