Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Incidents
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Exploit on tcp/4128?

from [Mueller, Lance] Network Security [Permanent Link]
Subject: RE: Exploit on tcp/4128?
Date: Tue, 15 Feb 2005 12:13:36 -0800 
Its looking for Optix Pro v1.3 backdoor...... There is specific data exchanged 
between the client program and the actual backdoor server program for Optix 
Pro....

Look slike a scanner that is looking for Optix Pro RAT's

-lance-


-----Original Message-----
From:   Lawrence Baldwin [mailto:baldwinL@mynetwatchman.com]
Sent:   Mon 2/14/2005 1:59 PM
To:     incidents@securityfocus.com; bugtraq@securityfocus.com
Cc:     
Subject:        Exploit on tcp/4128?
Anyone know what this is:

D:\nc>nc -n -v 64.132.205.69 4128
(UNKNOWN) [64.132.205.69] 4128 (?) open

'ÖP?    ?      Version?   1.3?   Error?   ?   ?   Msg?   Invalid Packet
'ÖP?    ?      Version?   1.3?   Error?   ?   ?   Msg?   Invalid Packet
'ÖP?    ?      Version?   1.3?   Error?   ?   ?   Msg?   Invalid Packet
'ÖP?    ?      Version?   1.3?   Error?   ?   ?   Msg?   Invalid Packet

'ÖP?    ?      Version?   1.3?   Error?   ?   ?   Msg?   Invalid Packet
'ÖP?
   ?      Version?   1.3?   Error?   ?   ?   Msg?   Invalid Packet    ^C


The same host above is scanning the *world* for this port:

http://www.mynetwatchman.com/LID.asp?IID=146159119

Regards,

Lawrence Baldwin
myNetWatchman.com
 
Note: The information contained in this message may be privileged and  
confidential and thus protected from disclosure. If the reader of this  
message is not the intended recipient, or an employee or agent responsible  
for delivering this message to the intended recipient, you are hereby  
notified that any dissemination, distribution or copying of this  
communication is strictly prohibited.  If you have received this  
communication in error, please notify us immediately by replying to the  
message and deleting it from your computer.  Thank you.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: eBay Account Phishing with eBay Redirect, Nick FitzGerald
Next by Date:  New MSN worm?, Magnus Törnekrona
Previous by Thread:  Re: Exploit on tcp/4128?, H Carvey
Next by Thread:  New MSN worm?, Magnus Törnekrona
Indexes:  [Date] [Thread] [Top] [All Lists]