\x HTTP requests 2006-11-09
Maxime Ducharme (mducharme cybergeneration com) (1 replies)

Hello list

I see these HTTP requests and I'm looking for more information:

x.x.x.1 - - [06/Nov/2006:17:33:23 -0500] "\x16\x03" 200 8 "-" "-"
x.x.x.2 - - [07/Nov/2006:16:26:21 -0500] "\x80m\x01\x03\x01" 200 8 "-" "-"
x.x.x.2 - - [07/Nov/2006:16:26:21 -0500] "\x80m\x01\x03" 200 8 "-" "-"

RE: \x HTTP requests 2006-11-09
ROPERT François (Francois ROPERT supinfo com)
Re: Re: Malware/trojan attacks 2006-11-07
michael code ae

Maybe you can use tcpview from SysInternals to see what program is using that socket, and look up more on that, or get a cleaner from a reputed website.

Just a thought,


Re: Malware/trojan attacks 2006-10-25
krokofish hotmail com
Hello Richard,

I think I have the same problem on a WinXP Home Edition laptop here.
I got this laptop from a friend. He complained about slow reaction and other bad behaviour while working.
First thing I've tried was to scan for viruses with ClamAntiVirus and Stinger.exe. Two viruses were found a

Malware/trojan attacks 2006-10-24
Goetz, Richard (RGoetz Kronos com) (1 replies)
Over the last several months we have on more than one occasion uncovered a number of Trojans that appear to be seeking corporate information, sending that over a chat session to/through several European sites and downloading additional programs to the infected computer. Here's a short synopsis of th

RE: Malware/trojan attacks 2006-10-26
lucretias (lucretias shaw ca) (1 replies)
RE: Malware/trojan attacks 2006-10-26
Harlan Carvey (keydet89 yahoo com) (1 replies)
RE: Malware/trojan attacks 2006-10-27
lucretias (lucretias shaw ca)
RE: nmap reveals trinoo_master on router 2006-10-23
Maxime Ducharme (mducharme cybergeneration com)


nmap command structure (usually called documentation)
can be found here :

I am not sure I understand the second question

filtering can be done upwards, i.e. the ISP filters
outgoing TCP 27765 to prevent Trinoo from spreading

filtering can also be done by y

RE: nmap reveals trinoo_master on router 2006-10-18
Dario Ciccarone (dciccaro) (dciccaro cisco com)
Hi there:

It is always useful to attach the output of a "show tech" from
the router under test, and also the command line used while invoking
nmap :)

I would recommend for you to go and read the nmap documentation
- specifically, the "Port scanning basics" section - available at

nmap reveals trinoo_master on router 2006-10-18
fahimdxb gmail com (1 replies)
On my Cisco Router, I do an nmap scan from outside on the Internet. The result is:

" Interesting ports on *.*.50.1:

Not shown: 1676 closed ports
23/tcp filtered telnet
135/tcp filtered msrpc
1524/tcp filtered ingreslock
27665/tcp filtered Trinoo_Master

I am worried

Re: nmap reveals trinoo_master on router 2006-10-18
Robin Sheat (robin kallisti net nz)
RE: Massive SPAM Increase 2006-10-17
modincidents mail securityfocus com

This thread is off topic with no sign of returning, so I think this is a
good spot to close the thread. Robert Felber was kind enough to stop by
and clarify the misunderstanding regarding how policyd-weight utilizes MX
records (see "Subject: policyd-weight - brief explanation by author"),

Re: strange http get requests in apache access logs 2006-10-17
rowland onobrauche (rowland onobrauche legendplc com)

aldiones wrote:

> Could you please share how you prevented this from happening in
> your server?
> It would be greatly appreciated.
> Thanks!
> On 10/16/06, *rowland onobrauche *
> <rowland.onobrauche (at) legendplc (dot) com [email concealed]
> <mailto:rowland.onobrauche@le

policyd-weight - brief explanation by author 2006-10-17
Robert Felber (r felber ek-muc de)

While I was hunting for issues with policyd-weight via Google I came across
incidents@securityfocus. While reading the thread I have seen that there is
some sort of misunderstanding which I would like to clarify.

Policyd-weight does NOT only lookup the MX record of the sender domain.


