Date: Sat, 5 Apr 1997 12:38:40 -0600 (CST) From: igor@alecto.physics.uiuc.edu (Igor Roshchin) To: gpalmer@freebsd.org (Gary Palmer) Cc: james@nexis.net, freebsd-isp@freebsd.org, freebsd-security@freebsd.org Subject: Is it an attempt to use some wu-ftpd exploit ? Message-ID: <199704051838.MAA28007@alecto.physics.uiuc.edu> In-Reply-To: <10330.860218456@orion.webspan.net> from "Gary Palmer" at Apr 5, 97 00:34:16 am
next in thread | previous in thread | raw e-mail | index | archive | help
Hello! I am not sure, I might have missed some message about such an exploit, but recently I've noticed in the syslog that people are trying to "scan" ports using ftp. I am running Version wu-2.4.2-academ[BETA-12](2) (I compiled it on Feb 2, 1997) The message I see in the syslog is of the following type: ftpd[3313]: refused PORT 0,3451 from tba-40.tba.com.br And, the port number can be a different number, I believe in the range 1xxx-4xxx ir even 5xxx Any idea ? Thanks! I did not have time to look into the source code yet, but may be somebody can advise me what are the possible situations when such message is generated. IgoR
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199704051838.MAA28007>