Network Security: Detailed info on Re: Odd identd behavior

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Incidents

[Top] [All Lists]

Re: Odd identd behavior

from [Mike Owen] Network Security

[Permanent Link]

Subject:	Re: Odd identd behavior
Date:	Mon, 14 Nov 2005 10:40:00 -0800

On 11/14/05, Christopher E. Cramer <chris.cramer@duke.edu> wrote:


Mike,

This looks like the output from an FTP server.  If I had to guess, I would
say that this looks like someone compromised a machine and installed a
warez ftp server on the identd port.

-c

--
Christopher E. Cramer, Ph.D.
University Information Technology Security Officer
Duke University,  Office of Information Technology
334 Blackwell St., Suite 2106, Durham, NC 27701
PH: 919-660-7003  FAX: 919-668-2953  CELL: 919-210-0528



You're right, it does look like that. I didn't even think that it
might be a standard service running on a different port.

I don't own these machines, so I don't really want to connect to these
servers to find out if it really is ftp. It does seem likely that they
are warez servers.


Thanks,
Mike

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Odd identd behavior, Mike Owen Re: Odd identd behavior, Christopher E. Cramer Re: Odd identd behavior, kgp Re: Odd identd behavior, Mike Owen <= Re: Odd identd behavior, k levinson Re: Odd identd behavior, Steve.Cummings RE: Odd identd behavior, Levenglick, Jeff Re: Odd identd behavior, Brian Smith-Sweeney RE: Odd identd behavior, k levinson RE: Odd identd behavior, Andrew Simmons RE: Odd identd behavior, Levenglick, Jeff Re: Odd identd behavior, Mike Owen Re: Odd identd behavior, kgp Re: Odd identd behavior, Barrie Dempster

Previous by Date:	Re: Odd identd behavior, Steve.Cummings
Next by Date:	RE: Odd identd behavior, Levenglick, Jeff
Previous by Thread:	Re: Odd identd behavior, kgp
Next by Thread:	Re: Odd identd behavior, k levinson
Indexes:	[Date] [Thread] [Top] [All Lists]