Hi,
today i saw lot of connection attemps to port 12980 on my
machine. Because that are many[1] and they came from different hosts i
am wondering what is going on here.
Arne
[1]
[EMAIL PROTECTED]/var/log$ grep "Aug 3" kern.log | grep 12980 | wc -l
628
Aug 3 22:55:12 r2d2 kernel: Sonstige
On Sat, Aug 03, 2002, Dale Amon wrote:
> What would be interesting about Port 1433? I seem to be seeing hits
> on it on different, well seperated networks. Is it a destination for
> worms and virii?
The port 1433/tcp is the Microsoft SQL Server port.. an interesting port
if you are able to guess t
On Sat, Aug 03, 2002 at 01:19:25PM -0400, Andrew P. Kaplan wrote:
> > What would be interesting about Port 1433?
>
> M$ SQL server. There's an exploit for it.
>
>
> http://www.iana.org/assignments/port-numbers
Thanks. Charles Fulmer also pointed out this very useful
report at CERT:
http://www.
Microsoft SQL server listens on 1433.
You might prolly want to check this:
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0039.html
for the advisory.
cheers,
xavier
On Sat, Aug 03, 2002 at 06:06:03PM +0100, Dale Amon wrote:
> What would be interesting about Port 1433? I seem to be
On Sat, Aug 03, 2002 at 06:06:03PM +0100, Dale Amon wrote:
> What would be interesting about Port 1433? I seem to be seeing
> hits on it on different, well seperated networks. Is it a
> destination for worms and virii?
There is the MS SQL Server Worm which aim this port.
--
Tab
Port 1433 is the port used by SQL Server. I'm not sure what else it's used for.
Perhaps this is a SQL Server attack?
On Sat, 2002-08-03 at 11:06, Dale Amon wrote:
What would be interesting about Port 1433? I seem to be seeing
hits on it on different, well seperated networks. Is it
What would be interesting about Port 1433? I seem to be seeing
hits on it on different, well seperated networks. Is it a
destination for worms and virii?
It's rather something like, installation failed due to bad signature or so.
Actually it never happened to me.
Marcel
-Ursprüngliche Nachricht-
Von: Jussi Ekholm [mailto:[EMAIL PROTECTED]
Ok, thanks. Of course, GnuPG/PGP signature is a bit different than MD5
checksums, but thanks a lot
On Sat, Aug 03, 2002 at 07:17:43AM -0400, Andres Salomon wrote:
> I've crontabbed `DEBIAN_FRONTEND=noninteractive apt-get -q
> dist-upgrade`. I've not yet had any problems w/ it; debconf questions
> should use the default, and config files should not be overwritten. Of
> course, this is w/ st
On Fri, 2 Aug 2002, Michelle Konzack wrote:
> there is a Debian-Package ssl-nfs (or secure-nfs) in the Mirror...
> It is much more save the all other trics with your Networks.
And what mirror would that be? Any pointers?
Cheers,
Cristian
Jussi Ekholm <[EMAIL PROTECTED]> writes:
> I was just wondering if anyone else is getting this kind of mail delivery
> errors from debian-security, although the mails still go through. I've
> been getting at least three of these already:
>
> | Date: Sat, 3 Aug 2002 14:10:00 +0300
> | From: [EMAIL
## Jussi Ekholm ([EMAIL PROTECTED]):
> | Date: Sat, 3 Aug 2002 14:10:00 +0300
> | From: [EMAIL PROTECTED]
> | Subject: Mail Delivery Error
> | To: Jussi Ekholm <[EMAIL PROTECTED]>
> |
> | No such user: [EMAIL PROTECTED]
>
> And I'm very much sure, that all of my mails I've sent to
> debian-securi
I've crontabbed `DEBIAN_FRONTEND=noninteractive apt-get -q
dist-upgrade`. I've not yet had any problems w/ it; debconf questions
should use the default, and config files should not be overwritten. Of
course, this is w/ stable; I wouldn't trust this w/ testing/unstable.
On Thu, Aug 01, 2002
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello.
I was just wondering if anyone else is getting this kind of mail
delivery errors from debian-security, although the mails still go
through. I've been getting at least three of these already:
| Date: Sat, 3 Aug 2002 14:10:00 +0300
| From: [EMAI
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marcel Weber <[EMAIL PROTECTED]> wrote:
> "Jussi Ekholm" <[EMAIL PROTECTED]> wrote:
>> I was just wondering about the policy, in general - too. Are the
>> "official" Debian packages created with MD5 checksum file, as well?
>> And does ``debsums'' work
On Fri, Aug 02, 2002 at 03:52:34PM -0500, Daniel Rychlik wrote:
> -BEGIN PGP SIGNED MESSAGE-
>
> Hello,
>
> I have recently setup PGP on my Debian server at home.
> I have setup Exim for relay of 3 hosts. I would like to be able to
> include pgp signature signing for the three hosts.
On Sat, 3 Aug 2002 11:47:19 +0300
"Jussi Ekholm" <[EMAIL PROTECTED]> wrote:
> You are most likely correct, but I'm just mapping my options here; are
> Debian packages md5summed regularily? If so, I have ``debsums'' package
> installed. Does this software check the MD5 checksum before the package
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Florian Weimer <[EMAIL PROTECTED]> wrote:
> There isn't an easy way to determine whether a Debian package is
> authentic or not. I'm not even sure what "authentic" means in this
> context.
You are most likely correct, but I'm just mapping my options
18 matches
Mail list logo
