Yeah, actually, they probably arn't trying to exploit that. In fact,
SecurityFocus is a little confused about the difference between that and
my new DoS's, (plonk and the netbios kernel leak), which are 2 other
completely different things.
There's no point in scanning for them though. If you were going to use
them, you'd just use them. :>
-dave
On 20 Feb 2003 21:12:04 -0000
Kevin Patz <jambo_cat (at) yahoo (dot) com [email concealed]> wrote:
>
>
> Starting in late October 2002, I've been seeing
> occasional scans on TCP port 135 on my box. I also
> see UDP scans on this port, and I know these are
> Windows Messenger spam attempts, but I am wondering
> what the TCP scans are for.
>
> Could they be attempting to exploit
> this: "Vulnerability: RPC Service DoS (port 135/tcp)
> on Windows 2000 SP3" which I read about here:
>
> http://www.securityfocus.com/archive/1/296114
>
> Is it this, or could it be something else? Is it
> possible to send Messenger spam via TCP/135?
>
> KJP
>
> ---------------------------------------------------------------------
> -------
>
> Do you know the base address of the Global Offset Table (GOT) on a
> Solaris 8 box?
> CORE IMPACT does.
> www.securityfocus.com/core
>
>
>
SecurityFocus is a little confused about the difference between that and
my new DoS's, (plonk and the netbios kernel leak), which are 2 other
completely different things.
There's no point in scanning for them though. If you were going to use
them, you'd just use them. :>
-dave
On 20 Feb 2003 21:12:04 -0000
Kevin Patz <jambo_cat (at) yahoo (dot) com [email concealed]> wrote:
>
>
> Starting in late October 2002, I've been seeing
> occasional scans on TCP port 135 on my box. I also
> see UDP scans on this port, and I know these are
> Windows Messenger spam attempts, but I am wondering
> what the TCP scans are for.
>
> Could they be attempting to exploit
> this: "Vulnerability: RPC Service DoS (port 135/tcp)
> on Windows 2000 SP3" which I read about here:
>
> http://www.securityfocus.com/archive/1/296114
>
> Is it this, or could it be something else? Is it
> possible to send Messenger spam via TCP/135?
>
> KJP
>
> ---------------------------------------------------------------------
> -------
>
> Do you know the base address of the Global Offset Table (GOT) on a
> Solaris 8 box?
> CORE IMPACT does.
> www.securityfocus.com/core
>
>
>
------------------------------------------------------------------------
----
Do you know the base address of the Global Offset Table (GOT) on a Solaris 8
box?
CORE IMPACT does.
www.securityfocus.com/core
[ reply ]