SCOUG Logo


Next Meeting: Sat, TBD
Meeting Directions

Be a Member
Join SCOUG

Navigation:


Help with Searching

20 Most Recent Documents
Search Archives
Index by date, title, author, category.

Features:

Mr. Know-It-All
Ink
Download!




SCOUG:

Home

Email Lists

SIGs (Internet, General Interest, Programming, Network, more..)

Online Chats

Business

Past Presentations

Credits

Submissions

Contact SCOUG

Copyright SCOUG


warp expowest
Pictures from Sept. 1999
The views expressed in articles on this site are those of their authors.

warptech
SCOUG was there!

Copyright 1998-2024, Southern California OS/2 User Group. ALL RIGHTS RESERVED.

SCOUG, Warp Expo West, and Warpfest are trademarks of the Southern California OS/2 User Group. OS/2, Workplace Shell, and IBM are registered trademarks of International Business Machines Corporation. All other trademarks remain the property of their respective owners.

The Southern California OS/2 User Group
USA

SCOUG-HELP Mailing List Archives

Return to [ 19 | May | 2002 ]

>> Next Message >>

Date: Sun, 19 May 2002 02:03:20 PST7
From: Peter Skye <pskye@peterskye.com >
Reply-To: scoug-help@scoug.com
To: scoug-help@scoug.com
Subject: SCOUG-Help: My ISP is hacking me ?

Content Type: text/plain

=====================================================
If you are responding to someone asking for help who
may not be a member of this list, be sure to use the
REPLY TO ALL feature of your email program.
=====================================================

Steven Levine wrote:
>
> >The probes aren't on server ports, they're higher up --
> >137, 139, 548, 888, 5632. (See \MPTN\ETC\services)
>
> Those ports sound suspiciously like ports used by
> some IRC worms. You might try a google search for:
>
> worm port 888

Good thinking. The "888" resulted in lots of (888) area code number
hits, so I changed the search to

worm port list

and found some good sites (one is
http://www.iss.net/security_center/advice/Exploits/Ports/ if anybody
else is looking at their firewall logs).

Amazing stuff! 548 is AppleTalk File Sharing Protocol - some Mac script
kiddie is after my machine. 5632 is PCAnywhere - a Windows freaker is
trying to remotely run my desktop. Haven't found 888 yet.

Just looked at my firewall log again; there's a guy who's been
relentlessly banging on my port 80 since 8:36 last night. And he's on
Verizon, same as me. What good is port 80? What's he going to do, try
to run "cgi-bin?fdisk" just for fun?

- Peter

=====================================================

To unsubscribe from this list, send an email message
to "steward@scoug.com". In the body of the message,
put the command "unsubscribe scoug-help".

For problems, contact the list owner at
"rollin@scoug.com".

=====================================================

>> Next Message >>

Return to [ 19 | May | 2002 ]

The Southern California OS/2 User Group
P.O. Box 26904
Santa Ana, CA 92799-6904, USA

Copyright 2001 the Southern California OS/2 User Group. ALL RIGHTS RESERVED.

SCOUG, Warp Expo West, and Warpfest are trademarks of the Southern California OS/2 User Group. OS/2, Workplace Shell, and IBM are registered trademarks of International Business Machines Corporation. All other trademarks remain the property of their respective owners.