Net Manager

Net Manager
Network Managing, Engineering and Administration with an eye toward security.

Best practices meets the real world!

Thursday, May 15, 2003

Yesterday, I found an interesting item in my snort logs. Looked like a very innocent (and was) scan of my network for port 80, then port 57, then port 21. Looked for some references to port 57 because I've never seen that one before. Voila, Google comes to the rescue again:

It appears that this is the result of the "FX-Scanner" vulnerability scanner, and has been known to be used by German crackers (see this Incident discussion for more information and links to the scanner.

Interesting not only to know what the crackers are up to, but to be able to see scans from them. BTW: I suspect that the machine that I saw the scan from was a cracked (or trojaned) box [hint, it wasn't in Germany :_)]

posted by David | 5/15/2003 10:05:00 AM

0 Comments:

Post a Comment

<< Home

links

Net Manager Blog
Cockatiel Lair

cNet News
eWeek
cNet
InterNet Week
Network World
Information Week
Security Focus
SANS InfoSec Reading Room
CERT
SlashDot
GrokLaw
NewsForge
LWN.net
Linux Journal
Linux Today
Linux Gazette
The Register

Internet Storm Center
DShield
Internet Health Report
Global Instability
SamSpade DNSBLomatic
Virus Encyclopedia
Symantec Anti-Virus
TMS - Symantec
McAfee
Sophos Top Ten

Security Tracker
Hacker Toolkit
Security-Forums
PacketStorm
Phrack
Astalavista
Interhack
RootKits
Knoppix
Knoopix STD

News Links

CNN Online
MSNBC News
CBS News
ABC News
FOX News
USA Today
The Miami Herald
The Washington Post
The New York Times
BBC News
The Guardian
Canada's CBC
Austraila's ABC

Blog Links

IT Blogs
Just Another Geeks Blog
The Lost Olive
CyberCrime Archives
DataCom Guy
One Man I.T.
Geek Style
Pete's Perfect World
TechDirt