From owner-freebsd-security Sun Nov 26 8:59:39 2000 Delivered-To: freebsd-security@freebsd.org Received: from ringworld.nanolink.com (ringworld.nanolink.com [195.24.48.189]) by hub.freebsd.org (Postfix) with SMTP id 22DF737B479 for ; Sun, 26 Nov 2000 08:59:35 -0800 (PST) Received: (qmail 371 invoked by uid 1000); 26 Nov 2000 16:59:02 -0000 Date: Sun, 26 Nov 2000 18:59:02 +0200 From: Peter Pentchev To: Buliwyf McGraw Cc: freebsd-security@FreeBSD.ORG Subject: Re: fics Message-ID: <20001126185902.A356@ringworld.oblivion.bg> Mail-Followup-To: Buliwyf McGraw , freebsd-security@FreeBSD.ORG References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from buliwyf@libertad.univalle.edu.co on Sun, Nov 26, 2000 at 11:42:07AM -0500 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sun, Nov 26, 2000 at 11:42:07AM -0500, Buliwyf McGraw wrote: > > Anybody knows about a trojan or something bad called "fics"??? > > I found this in one pc on my intranet: > > Interesting ports on (192.168.20.50): > Port State Protocol Service > 5000 open tcp fics > > Thanks by any coments... FICS is the Free Internet Chess Server, a server for providing human-to-human play across the 'net to gnuchess, xboard and similar chess programs. I guess your question is better rephrased as 'Anybody know about a trojan or something bad listening on port 5000', though I guess somebody might be running a gnuchess/xboard/WinBoard or something on that PC; I do not remember if FICS clients also needed a listening port on the client side, though I think not. G'luck, Peter -- .siht ekil ti gnidaer eb d'uoy ,werbeH ni erew ecnetnes siht fI To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message