[lug] new port 445 MS vulnerability??
Chip Atkinson
chip at rmpg.org
Thu Oct 10 16:43:04 MDT 2002
Check out
http://www.vnunet.com/News/1131065
Chip
On Thu, 10 Oct 2002, D. Stimits wrote:
> All of a sudden, I am getting pounded (well, not too badly, but
> consistently) with IP addresses from all over the place looking to
> connect to port 445 tcp. They are harmless, nothing here is listening to
> 445, but I have to wonder if there is a new MS vulnerability here, or if
> it is just a DDoS thing? Port 445 seems to be listed as microsoft domain
> service. Anyone else seeing this? I am pasting a list of addresses
> below, all of which were trying to get into port 445 at almost the same
> time.
>
> D. Stimits, stimits AT attbi.com
>
> October 10, 2002
>
> 12.98.54.204
> 146.151.79.52
> 195.47.118.56
> 212.41.199.189
> 212.47.15.6
> 213.106.152.65
> 213.106.172.25
> 24.86.112.137
> 62.163.11.153
> 62.30.43.100
> 68.32.49.155
> 68.36.109.55
> 68.42.144.163
> 68.42.23.92
> 68.43.38.204
> 68.44.164.190
> 68.44.194.63
> 68.44.70.135
> 68.45.106.115
> 68.45.117.135
> 68.45.255.223
> 68.46.136.191
> 68.46.14.101
> 68.46.32.18
> 68.46.36.14
> 68.47.208.117
> 68.47.44.188
> 80.0.150.84
> 80.4.11.170
> 80.4.61.215
> 81.96.126.106
> 81.98.183.82
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
>
More information about the LUG
mailing list