[lug] new port 445 MS vulnerability??

Jeff feenix at ticnet.com
Thu Oct 10 18:52:02 MDT 2002


I get them from time to time.  I've never been able to figure out if
it's anything I need to be concerned about.  I also, do not have
anything listening to the port.  Oh well.

"D. Stimits" wrote:
> 
> All of a sudden, I am getting pounded (well, not too badly, but
> consistently) with IP addresses from all over the place looking to
> connect to port 445 tcp. They are harmless, nothing here is listening to
> 445, but I have to wonder if there is a new MS vulnerability here, or if
> it is just a DDoS thing? Port 445 seems to be listed as microsoft domain
> service. Anyone else seeing this? I am pasting a list of addresses
> below, all of which were trying to get into port 445 at almost the same
> time.
> 
> D. Stimits, stimits AT attbi.com
> 
> October 10, 2002
> 
> 12.98.54.204
> 146.151.79.52
> 195.47.118.56
> 212.41.199.189
> 212.47.15.6
> 213.106.152.65
> 213.106.172.25
> 24.86.112.137
> 62.163.11.153
> 62.30.43.100
> 68.32.49.155
> 68.36.109.55
> 68.42.144.163
> 68.42.23.92
> 68.43.38.204
> 68.44.164.190
> 68.44.194.63
> 68.44.70.135
> 68.45.106.115
> 68.45.117.135
> 68.45.255.223
> 68.46.136.191
> 68.46.14.101
> 68.46.32.18
> 68.46.36.14
> 68.47.208.117
> 68.47.44.188
> 80.0.150.84
> 80.4.11.170
> 80.4.61.215
> 81.96.126.106
> 81.98.183.82
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug

-- 
That dog sucks!  He keeps chewing on my head!
Mike regarding Goose



More information about the LUG mailing list