From owner-freebsd-security Tue Oct 3 8:46: 7 2000 Delivered-To: freebsd-security@freebsd.org Received: from smtp.doosys.com (smtp.doosys.com [195.64.50.136]) by hub.freebsd.org (Postfix) with ESMTP id 6724437B66C; Tue, 3 Oct 2000 08:46:03 -0700 (PDT) Received: from smtp.intra.doosys.com (IDENT:itcsrv-doosys@smtp.intra.doosys.com. [10.10.10.12]) by smtp.doosys.com (8.9.3/8.9.3) with ESMTP id RAA87349; Tue, 3 Oct 2000 17:38:18 +0200 (CEST) (envelope-from Bart_van_Leeuwen@doosys.com) From: Bart_van_Leeuwen@doosys.com Subject: Re: Script kiddies and port 12345 To: Michael Williams Cc: owner-freebsd-security@FreeBSD.ORG, security@FreeBSD.ORG X-Mailer: Lotus Notes Release 5.0.4 June 8, 2000 Message-ID: Date: Tue, 3 Oct 2000 17:45:52 +0200 X-MIMETrack: Serialize by Router on ITCSRV/DOOSYS(Release 5.0.4a |July 24, 2000) at 10/03/2000 05:45:57 PM MIME-Version: 1.0 Content-type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Of course it would be interesting to hear about any new vulnerabilities in NT and products running on it... Using the existance of specific vulnerabilites however is often a very bad argument pro or against any platform. Known vulenrabilities that are left exploitable by a vendor, bad information about existance of such vulnerabiliies, and the actual efford of a vendor to prevent such vulnerabilities might be much better arguments. After all, no piece of software is 100% free from such things, and pointing blindly to vulnerabilities in other products is something that is quite likely to work against you. Just my opinion of course.. ;-) Bart van Leeuwen. mailto:Bart_van_Leeuwen@doosys.com http://www.doosys.com/ mailto:bart@ixori.demon.nl http://www.ixori.demon.nl/ Michael Williams cc: Sent by: Subject: Re: Script kiddies and port 12345 owner-freebsd-security@F reeBSD.ORG 03-10-2000 17:12 On Tue, 3 Oct 2000, Justin Stanford wrote: > More than likely they are just looking for open shares on the SMB port > (139) and netbus servers on port 12345 - this is more within the reach and > ability of the average kiddie and is as common and occurence as dried > fruit :-) Yes, true. But if someone popped up with a new vulnerability for SMS (which runs on port 12345 on -our- network's NT machines, but I'm not an NT admin, so I don't know whether that's default), it would be neat. I like anything that supports the cause of BSD over Windows. :) Regards, Michael Williams To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message