Date: Tue, 9 Sep 2003 16:23:02 -0400 From: Lawrence Sica <lomion@mac.com> To: Randy Bush <randy@psg.com> Cc: freebsd-security@freebsd.org Subject: Re: is one of my hosts a scanner? Message-ID: <69749FD8-E303-11D7-AF9F-000393A335A2@mac.com> In-Reply-To: <E19wkNI-000BVo-Hp@ran.psg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday, September 9, 2003, at 11:25 AM, Randy Bush wrote: >>> seq my host victim(s) >>> --- ---------------- --------------- >>> 24) 192.168.0.2:1121 <--> 216.52.3.2:2703 >>> 25) 192.168.0.2:1122 <--> 216.52.3.4:2703 >>> 39) 192.168.0.2:1124 <--> 216.52.3.2:2703 >> >> Those hosts are at cloudmark.com, which gets used by >> spamassassin (or some part of it). Port 2703 is Razor2 >> <http://www.sng.ecs.soton.ac.uk/cgi-bin/faq?_recurse=1&file=16> - so >> that fits as well. > > <doh!> thanks. > > so tell me, why does the iana think port 2703 is sms-chat? i.e., > why is the port used by razor2 not properly registered as a well > known port? > Maybe razor2 is using the port without checking if it was already assigned for sms-chat? IANA doesn't automagically know who uses what port unless someone tells them I thought. --Larry
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69749FD8-E303-11D7-AF9F-000393A335A2>