From owner-freebsd-security  Mon Nov  8 10:19:24 1999
Delivered-To: freebsd-security@freebsd.org
Received: from faith.cs.utah.edu (faith.cs.utah.edu [155.99.198.108])
	by hub.freebsd.org (Postfix) with ESMTP id 24505152BA
	for <security@FreeBSD.ORG>; Mon,  8 Nov 1999 10:19:11 -0800 (PST)
	(envelope-from danderse@faith.cs.utah.edu)
Received: (from danderse@localhost)
	by faith.cs.utah.edu (8.9.3/8.9.3) id LAA09387;
	Mon, 8 Nov 1999 11:18:31 -0700 (MST)
From: David G Andersen <danderse@cs.utah.edu>
Message-Id: <199911081818.LAA09387@faith.cs.utah.edu>
Subject: Re: Port 1243 scans
To: smithi@nimnet.asn.au
Date: Mon, 8 Nov 1999 11:18:31 -0700 (MST)
Cc: ewayte@pegasus.cc.ucf.edu, security@FreeBSD.ORG
In-Reply-To: <Pine.BSF.3.96.991109044320.11654A-100000@gaia.nimnet.asn.au> from "Ian Smith" at Nov 9, 99 05:12:30 am
X-Mailer: ELM [version 2.4 PL25]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Right.  What you want instead is:

Well-known port numbers for trojan horse programs:

http://www.sans.org/newlook/resources/IDFAQ/oddports.htm

Unfortunately, 1243 doesn't appear to be used by anything in this list,
either.  Which is still useful information in and of itself. :)  It's
probably someone's customized thing, or an obscure program.

   -Dave

Lo and behold, Ian Smith once said:
> 
> On Mon, 8 Nov 1999, Eric Wayte wrote:
> 
>  > A complete list of assigned port numbers can be found at:
>  > 
>  > http://www.faqs.org/rfcs/rfc1700.html
>  > ftp://ftp.isi.edu/in-notes/iana/assignments/port-numbers
> 
> Thanks Eric, useful; hard to beat Postel's docs for clarity, and the
> latter is current as of November 5th.  However .. 
> 
>  > It appears that 1243 is unassigned.
> 
> Thought it might be :-)  Now blocked and logged, but I'm still curious.
> 
> Cheers, Ian
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 


-- 
work: dga@lcs.mit.edu                          me:  dga@pobox.com
      MIT Laboratory for Computer Science           http://www.angio.net/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message