Date: Sat, 5 Apr 1997 12:38:40 -0600 (CST) From: igor@alecto.physics.uiuc.edu (Igor Roshchin) To: gpalmer@freebsd.org (Gary Palmer) Cc: james@nexis.net, freebsd-isp@freebsd.org, freebsd-security@freebsd.org Subject: Is it an attempt to use some wu-ftpd exploit ? Message-ID: <199704051838.MAA28007@alecto.physics.uiuc.edu> In-Reply-To: <10330.860218456@orion.webspan.net> from "Gary Palmer" at Apr 5, 97 00:34:16 am
index | next in thread | previous in thread | raw e-mail
Hello! I am not sure, I might have missed some message about such an exploit, but recently I've noticed in the syslog that people are trying to "scan" ports using ftp. I am running Version wu-2.4.2-academ[BETA-12](2) (I compiled it on Feb 2, 1997) The message I see in the syslog is of the following type: ftpd[3313]: refused PORT 0,3451 from tba-40.tba.com.br And, the port number can be a different number, I believe in the range 1xxx-4xxx ir even 5xxx Any idea ? Thanks! I did not have time to look into the source code yet, but may be somebody can advise me what are the possible situations when such message is generated. IgoRhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199704051838.MAA28007>