Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Port 1443

from [Jamie Riden] Network Security [Permanent Link]
Subject: Re: Port 1443
Date: Fri, 22 Dec 2006 17:15:26 +1300
On 22/12/06, Richards, Jim <jim.richards@dot.state.wi.us> wrote: 
Isn't that the admin port for sql-server

[resend, bounced due to nonsubcribed address]

Nearly. Slammer exploited a flaw in SQL server on 1434/udp. SQL server
also uses 1433/tcp IIRC.

"The worm targeting SQL Server computers is self-propagating malicious
code that exploits the vulnerability described in VU#484891
(CAN-2002-0649). This vulnerability allows for the execution of
arbitrary code on the SQL Server computer due to a stack buffer
overflow.

Once the worm compromises a machine, it will try to propagate itself.
The worm will craft packets of 376-bytes and send them to randomly
chosen IP addresses on port 1434/udp. If the packet is sent to a
vulnerable machine, this victim machine will become infected and will
also begin to propagate. Beyond the scanning activity for new hosts,
the current variant of this worm has no other payload." --
http://www.cert.org/advisories/CA-2003-04.html

cheers,
Jamie
--
Jamie Riden, CISSP / jamesr@europe.com / jamie.riden@gmail.com
NZ Honeynet project - http://www.nz-honeynet.org/

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Banner Grabbing, Jamie Riden
Next by Date:  Re: Banner Grabbing, Jamie Riden
Previous by Thread:  RE: Port 1443, Richards, Jim
Next by Thread:  Re: Port 1443, Lee Lawson
Indexes:  [Date] [Thread] [Top] [All Lists]