 |
|
|
 Welcome to the Virus.Org Mailing List Archive |
||
 |
||
|
||
|
Jon, I haven't seen a large upswing in my tarpit today for that port, but the day is still young. See BugTraq ID 7020 at http://www.securityfocus.org/bid/7020/info/ and the archived discussion thread starting at http://lists.insecure.org/lists/incidents/2003/May/0060.html for details about a buffer overflow vulnerability with the Real Networks Real Servers. Ken McKinlay, GCIA Network Security, Dy 4 Systems [EMAIL PROTECTED] > -----Original Message----- > From: Jon R. Kibler [mailto:[EMAIL PROTECTED] > Sent: Wednesday, October 01, 2003 10:05 AM > To: [EMAIL PROTECTED] > Subject: [Dshield] Port 554/tcp > > > Today is Monday, right? At least is seems so here. The data > circuit over which route outgoing traffic (except mail) is > down, and since I cannot access the web, I may be asking some > stupid questions here, so please forgive me in advance. > > We have seen a sudden rise this morning in 554/tcp traffic. > Has anyone else? > > One of our Linux boxes claims in the default /etc/services > file that 554 is "Real Time Stream Control Protocol"... what is that? > > Any ideas with what application or exploit these probes may > be associated? > > Thanks! > > Jon R. Kibler > Chief Technical Officer > A.S.E.T., Inc. > Charleston, SC USA > (843) 849-8214 > > _______________________________________________ list mailing list [EMAIL PROTECTED] To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
|
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.