Date: Tue, 11 Aug 1998 19:47:41 -0700 (PDT) From: "Jan B. Koum " <jkb@best.com> To: "Bruce A. Mah" <bmah@CA.Sandia.GOV> Cc: freebsd-security@FreeBSD.ORG Subject: Re: UDP port 31337 Message-ID: <Pine.BSF.3.96.980811194150.23988A-100000@shell6.ba.best.com> In-Reply-To: <199808120110.SAA14483@stennis.ca.sandia.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
HAHAHAHAHAHAHAHAHA.
We are going to see a lot of them. You see, someone from cDc made
this thingie called Back Orifice: www.cultdeadcow.com for more info.
It is basically a tool which backdoors Win95/98 systems and allows
you manipulate them remotely: sniff keyboard, capture screen, shutdown,
start apps, use speakers.. basically, your average windows crap.
By default it uses UDP and yes, it run on port 31337. Since you
are running UDP, you have nothing to worry about. I am however curios how
lame it will get and how soon someone will get pissed and create a
winnuked running on port 31337 for someone trying to connect to you on
port 31337 via UDP. *sigh*
-- Yan
www.best.com/~jkb/ Unix users of the world unite:
www.{free,open,net}bsd.org | www.linux.org | www.apache.org | www.perl.com
"Turn up the lights, I don't want to go home in the dark."
On Tue, 11 Aug 1998, Bruce A. Mah wrote:
>A marginally off-topic question: Can anyone tell me what service uses UDP
>port 31337? I have a FreeBSD box that has received and logged three packets
>on this port in the last 24 hours:
>
>Aug 11 04:41:35 hornet /kernel: Connection attempt to UDP WW.XX.YY.ZZ:31337
>from AA.BB.CC.DD:1190
>
>Give prior experience on the target machine, I wouldn't be surprised if it's
>part of a portscan, but I don't know what such a scan would be probing for.
>
>Thanks in advance,
>
>Bruce.
>
>
>
>
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980811194150.23988A-100000>